Software Engineering Institute

Building a computer security incident response team (CSIRT) with capable incident handlers means hiring people with the right skills, technical expertise, and capabilities. In this white paper, we describe a set of skills that CSIRT staff members should have to provide basic incident-handling services.