The Security Incident Handling Guide should be in the back pocket of every security officer.  Check out revision 1!

Barbara McGowin

2 Special Publications and 1 Draft (2nd release)

Document #1:
SP 800-61 Revision 1, Computer Security Incident Handling Guide, seeks to assist organizations in mitigating the risks from computer security incidents by providing practical guidelines on responding to incidents effectively and efficiently. The publication includes guidelines on establishing an effective incident response program, but the primary focus of the document is detecting, analyzing, prioritizing, and handling incidents. SP 800-61 Revision 1 updates the original publication, which was released in 2004.

URL: http://csrc.nist.gov/publications/PubsSPs.html#800-61_Rev1

Document #2:
SP 800-28 Version 2, Guidelines on Active Content and Mobile Code, provides an overview of active content and mobile code technologies in use today and offers insights for making informed IT security decisions on their application and treatment. Active content refers to electronic documents that contain embedded software components, including mobile code; examples of mobile code are JavaScript, VBScript, Java applets, and ActiveX controls. The publication gives details about the active content and mobile code threats, technology risks, and safeguards for end user systems. SP 800-28 Version 2 is a new version of SP 800-28, which was released in 2001.

URL: http://csrc.nist.gov/publications/PubsSPs.html#800-28_Version2

Document #3:
NIST has posted a second Draft of SP 800-73-2 Interfaces for Personal Identity Verification for public comments. This draft incorporates some comments and suggestions that were received after the first public comment period had closed (see 3). The changes since the first draft include: 1) relaxation of the Global PIN security status limitations, 2) incorporation of an optional Global and PIV PIN discovery object, 3) addition of a discovery object for the PIV card application, 4) elimination of the previously proposed optional U-CHUID data object, and 5) resolutions of the first draft public comments. Please go to the DRAFTS page to view the Second Public Draft and to learn more about this draft along with where to forward comments to. A comment template form is also provided. Comments period closes on April 4th 2008.

URL: http://csrc.nist.gov/publications/PubsDrafts.html#800-73_Rev2


---------------------
To unsubscribe from this list send e-mail to listproc@... and type in the body of the e-mail message:
         unsubscribe compsecpubs

Reminder:  You need to make sure that you are unsubscribing from the original e-mail address that you subscribed to this list from.  If not, you will receive an error message.  If that is the case, send patrick.oreilly@... an e-mail and I will have to manually delete your email address from the listproc system.  To save time - please provide me with your old email address that you subscribed to the list.  Thanks.

Pat O'Reilly
List Administrator
Computer Security Division
NIST