FIRST Releases Framework for Product Security Incident Response Teams

The leading association of incident response and security teams released a draft of the Product Security Incident Response Teams (PSIRT) Services Framework for public input. This is a formal list of services a PSIRT may consider implementing to address the needs of their constituency. Public input is welcomed until August 31, 2017 via

14th June 2017 – The Forum of Incident Security Response Teams, Inc. (FIRST) is pleased to release the initial Product Security Incident Response Teams (PSIRT) Services Framework (PDF) for public input. This framework was developed by a global team of PSIRT practitioners from FIRST members and relevant subject matter experts. Development of this initial framework for public input is consistent with FIRST’s goal of producing a framework that is reflective of broad community input and support. FIRST will be accepting comments on the framework through August 31, 2017. Comments should be sent to:

“We are thrilled to announce the release of the PSIRT Framework at our Annual Meeting,” commented Margrete Raaum, President of FIRST. “The Framework is reflective of both the subject matter expertise and commitment of FIRST members who participated in its development as well as FIRST’s organizational commitment to do all we can to assist the global incident response community in having the knowledge they need to meet today’s cybersecurity challenges.”

The purpose of the PSIRT Framework is to assist organizations in building, maintaining, and growing capabilities related to Product Security Incident Response Teams. The framework is a guide and identifies various models, capabilities, services and outcomes. In this way, PSIRTs are free to implement their own model and to build capabilities that meet their stakeholders’ unique needs. The Framework seeks to assist PSIRTs by identifying core responsibilities of PSIRT teams, providing guidance on how to build capabilities to meet those responsibilities and offering insights on how PSIRT teams can add and communicate value to their larger organizations.

“There is no one-size-fits-all approach to building a PSIRT Team,” noted Pete Allor, Chair of FIRST’s Education Advisory Board. “With this Framework we are providing a resource for both those looking to begin building a PSIRT and those looking to mature existing teams so that they can identify strategies that are most useful for their unique circumstances.”

In scope, purpose, and development, the PSIRT Framework is similar to the Computer Security Incident Response Team (CSIRT) Framework that FIRST released in March 2016 and updated in May 2017. Whereas the CSIRT Framework is designed for Enterprise CSIRTs, which are focused on the security of computer systems and/or networks that make up the infrastructure of an organization, the PSIRT Framework is designed for organizations that focus on providing technology products. Information on both frameworks can be found on the FIRST website.

Submit a comment by providing:

  1. Line number
  2. Heading
  3. Type of Comment (General, Editorial, Technical)
  4. Comment
  5. Proposed Change

The document can be downloaded here.
E-mail responses to by August 31st, 2017.


Founded in 1990, the Forum of Incident Response and Security Teams (FIRST) consists of internet emergency response teams from more than 360 corporations, government bodies, universities and other institutions across 78 countries in the Americas, Asia, Europe, Africa, and Oceania. It promotes cooperation among computer security incident response teams. For more information, visit:

Media Contacts

Harry Saunders
Four Communications
Tel: +44 (0)20 3697 4329