NIST, Computer Security Incident Handling Guide (NIST Special Publication 800-61) (Rev. 1) (Mar. 2008) (full-text); (rev. 2) (Feb. 2012) (full-text).


This publication provides guidelines for incident handling, particularly for analyzing incident-related data and determining the appropriate response to each incident. The guidelines can be followed independently of particular hardware platforms, operating systems, protocols, or applications.

This document assists organizations in establishing computer security incident response capabilities and handling incidents efficiently and effectively.

Community content is available under CC-BY-SA unless otherwise noted.