ASU Computer Security Incident Response Team (CSIRT)

The ASU Computer Security Incident Response Team (CSIRT) has authority to centrally manage all University Information Security Incidents and provide specialized incident response services.
Members may be standing or ad-hoc representatives whose specialized skills/roles may be needed on periodic basis.

Services that the CSIRT provide to the University include:

  • Attack Detection and Prevention - University CSIRT members perform continual monitoring for potential security events relevant to ASU information assets.
  • Forensic Investigations - University CSIRT members offer services to ensure electronic evidence associated with incidents is appropriately collected, analyzed, and preserved.
  • Advisory Distribution - University CSIRT members issue general security advisories to University students, faculty, and staff and technical advisories to University system administrators.
  • Information Sharing - University CSIRT oversees sharing and collection of threat information and intelligence in authorized channels.
  • Technical Consulting - University CSIRT provides technical consulting services to aid University units with safeguarding information assets and implementing defenses in light of security trends and incidents.

NIST incident response lifecycle: Preparation; Detection & Analysis; Containment, Eradication, & Recovery; Post-Incident Analysis