by Kevin Ryan, NetApp
Tuesday, January 22nd, 2019
To start you on your path to PSIRT goodness, you’ll want to read and digest the PSIRT Maturity Document created by your friendly global FIRST PSIRT representatives. And what’s a better place to start than at the beginning?
In Maturity Level 1 you’ll learn about PSIRT building blocks like how to leverage the FIRST PSIRT Services Framework, where to focus your efforts to maximize your results, and many more exciting and fun ideas! Ideas such as obtaining executive sponsorship, figuring out why you are here and who your stakeholders are, what kind of budget may be required, as well as the policies and procedures that will allow your PSIRT to grow to fit your organization’s needs and desires. The fun continues as you learn about vulnerability intake, triage and analysis, and even fixing things. And then before moving onto Maturity Level 2 you’ll learn about disclosure, that all-important moment when you tell the world what was found and how to fix it.
This first part of the PSIRT creation can sometimes be painful but know that we’ve all been there and the pain is a normal part of the growing process. Just know that you are not alone – many organizations have done this successfully before you and many will come after. Once you’ve mastered the topics in the Maturity Level 1 you’ll be ready to move on to the next phase of PSIRT goodness – see you there!
Written by Kevin Ryan, NetApp