CERT provides guidance on how to establish computer security incident response teams (CSIRTs) to help you protect your networks against intrusions and vulnerabilities.

CSIRT Development Area
Contains documents to help you create CSIRTS, related training courses, and compiled lists of security response teams.

	CSIRT Frequently Asked Questions
	Creating a Computer Security Incident Response Team: A Process for Getting Started
	Action List for Developing a Computer Security Incident Response Team (CSIRT)
	Steps for Creating National CSIRTs

CERT/CC recognizes the unique issues facing CSIRTs with national responsibility. It is important to provide a mechanism for cooperation and collaboration to solve many of the issues we share in common. We believe that information sharing is not sufficient to overcome these threats and hope to foster relationships and collaborate on solutions to the problems.

National CSIRTs Area
Find information about projects, collaborative efforts, and documents of interest to CSIRTs with national responsibility.

	Preliminary Information: Collaboration Meeting for CSIRTs with National Responsibility
	Presentations from the July Workshop
	National Computer Emergency Response Teams

As part of ongoing partnerships with DHS and US-CERT, Forensics is a new area of research for CERT. It includes developing computer forensics gap area tools, researching advanced network forensics, and preparing system and network administrator to become "First Responders."

	First Responders Guide to Computer Forensics - Advanced Topics (pdf)
	First Responders Guide to Computer Forensics (pdf)
	Live View This beta tool facilitates the forensic examination of disk images or physical drives in a virtual machine.

Forensics Area
Contains additional tools, documents, and contact information.