This GitHub repository hosts files relating to the TF-CSIRT Reference Security Incident Taxonomy Working Group.
During the ‘51st TF-CSIRT meeting’ (held on 15 May 2017 in The Hague, Netherlands) the CSIRT community concluded that there was an urgent need for an incident taxonomy (i.e., classification scheme) that serves as a fixed reference for all CSIRTs.
ENISA and TF-CSIRT therefore created the ‘Reference Security Incident Taxonomy Working Group' (RSIT WG) with the aim of enabling the CSIRT community to reach a consensus on a security incident reference taxonomy. The RSIT WG was approved as official TF-CSIRT working group by the TF-CSIRT Steering Committee on 26 September 2018.
Please follow the below guidelines when contributing to the RSIT GitHub project:
- Before making any contributions read the Terms of Reference carefully.
- Add any bug reports or requests by creating an issue.
- Make direct changes to the repository by creating a pull request. Any submitted pull requests will be discussed at the next TF-CSIRT event and merged, providing they achieve group consensus.
- When making changes to the RSIT itself only edit the machinetag file; the human-readable file will be automatically generated from this.
- Discussions regarding the contents of the document shall happen via the mailing list.
- Should you have any questions, please feel free to first ask the maintainers.
Check the TF-CSIRT meeting page to register for the next upcoming meeting.
This GitHub project is licenced under CC0 1.0 Universal (CC0 1.0). For more information see the licence.
This work is built on the previous work by Jimmy Arvidsson, Don Stikvoort and eCSIRT.net who are fully acknowledged hereby. It was previously called eCSIRT taxonomy.