UFIT Services

Incident Response

The UFIT Information Security Office responds to and investigates information security incidents related to misuse or abuse of university information and information technology resources. An information security incident is defined as an event, whether electronic, physical or social that adversely impacts the confidentiality, integrity or availability of University of Florida data or information systems; or a real or suspected action, inconsistent with University of Florida Privacy or Acceptable Use policies. Incident Management services are triggered by an event or request, such as a report of a compromised host, wide-spreading malicious code, software vulnerability, or an event that was identified by an intrusion detection or logging system. Alerts and Warnings involves disseminating information that describes an intruder attack, security vulnerability, intrusion alert, computer virus, or hoax, and providing any short-term recommended course of action for dealing with the resulting problem. Incident Handling involves receiving, triaging, and responding to requests and reports, and analyzing incidents and events. Vulnerability Handling involves receiving information and reports about hardware and software vulnerabilities; analyzing the nature, mechanics, and effects of the vulnerabilities; and developing response strategies for detecting and repairing the vulnerabilities. Artifact Handling involves receiving information about and copies of artifacts (malware) that are used in intruder attacks, reconnaissance, and other unauthorized or disruptive activities.