Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Computer Security Incident Handling Guide

Published

Author(s)

Karen A. Scarfone, Timothy Grance, Kelly Masone

Abstract

[Superseded by SP 800-61 Rev. 2 (August 2012): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=911736] Computer security incident response has become an important component of information technology (IT) programs. Security-related threats have become not only more numerous and diverse but also more damaging and disruptive. An incident response capability is necessary for rapidly detecting incidents, minimizing loss and destruction, mitigating the weaknesses that were exploited, and restoring computing services. This publication assists organizations in establishing computer security incident response capabilities and handling incidents efficiently and effectively. Topics covered include organizing a computer security incident response capability, handling incidents from initial preparation through the post-incident lessons learned phase, and handling specific types of incidents. [Supersedes SP 800-61 (January 2004): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=151291]
Citation
Special Publication (NIST SP) - 800-61 Rev 1
Report Number
800-61 Rev 1

Keywords

computer security incident, incident handling, incident response, threats, vulnerabilities

Citation

Scarfone, K. , Grance, T. and Masone, K. (2008), Computer Security Incident Handling Guide, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD (Accessed December 30, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created March 7, 2008, Updated May 4, 2021