ENISA Recommends Central Repository For Incident Classification and Terms Used by EU CSIRTs

There is currently no consensus on concepts and definitions related to taxonomies and a lack of terms to properly handle reporting issues such as incident impact, incidents with no malice intended, and differentiation between intrusions and intrusion attempts; a repository should be set up to provide a general overview of what taxonomies are used by CSIRTs, and for selection of appropriate taxonomies for specific use cases, and standardized definitions, and tags/values should be developed that can apply across all taxonomies.

The aim of this document is to provide good practices on using taxonomies for incident detection and prevention by taking into account the input received from the CSIRT community and relevant information from previous ENISA studies. In addition, it provides conclusions and recommendations on improvements that can be made on current taxonomies.

The document … here

Be the first to comment

Leave a Reply

Your email address will not be published.