The ASU Computer Security Incident Response Team (CSIRT) has authority to centrally manage all University Information Security Incidents and provide specialized incident response services.

Members may be standing or ad-hoc representatives whose specialized skills/roles may be needed on periodic basis.

Services that the CSIRT provide to the University include:

  • Attack Detection and Prevention - University CSIRT members perform continual monitoring for potential security events relevant to ASU information assets.

  • Forensic Investigations - University CSIRT members offer services to ensure electronic evidence associated with incidents is appropriately collected, analyzed, and preserved.

  • Advisory Distribution - University CSIRT members issue general security advisories to University students, faculty, and staff and technical advisories to University system administrators.

  • Information Sharing - University CSIRT oversees sharing and collection of threat information and intelligence in authorized channels.

  • Technical Consulting - University CSIRT provides technical consulting services to aid University units with safeguarding information assets and implementing defenses in light of security trends and incidents.




-Detection & Analysis


- Containment, Eradication, and Recovery


-Post Incident Analysis