Incident Response

  • Izzat Alsmadi


A security incident is an event, caused by an insider or an adversary, that can impact an organization's assets and compromise their security goals (e.g., confidentiality, integrity, availability, access control).



Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Izzat Alsmadi (1)
  1. Texas A&M University, San Antonio, USA
