Identifying Risk; Innovating Response; Advancing Security; ICASI

Core of ICASI

  • Multi-Stakeholder Incident Response:
    The Unified Security Incident Response Plan (USIRP) is one of the primary means by which ICASI fulfills its mission of enhancing the global security landscape. Comprising a trusted forum and supporting processes, procedures, and tools, the USIRP enables Security Incident Response Teams (SIRTs) from ICASI member companies as well as select, invited outside organizations to collaborate quickly and effectively to resolve complex, multi-stakeholder Internet security issues.
  • Vulnerability Coordination:
    ICASI is working in partnership with FIRST to drive the industry toward more organized and repeatable approaches via the Vulnerability Coordination SIG. In that quest, it is working with a broad array of other stakeholders and organizations to develop best practices and methods that effectively address the complexities of today’s internet security landscape.
  • Information Sharing:
    ICASI is a pre-eminent trust forum where members routinely share best practices and exchange protected information around vulnerabilities and mitigations. ICASI’s unique, multilateral non-disclosure agreement (NDA) enables members and other vetted organizations to collaborate and share critical information openly with one another while protecting each company’s intellectual property.


1105, 2021

Statement from the Industry Consortium for Advancement of Security on the Internet (ICASI) on Aggregation and Fragmentation Attacks against Wi-Fi

The Industry Consortium for Advancement of Security on the Internet (ICASI) today announces the coordinated disclosure of a series of [...]


605, 2020

Increased CVE Counts: A Positive Indicator of a Maturing Security Ecosystem

The number of reported vulnerabilities of a product is sometimes cited as a measure of its relative security. In this article, [...]

3004, 2019

The PSIRT Services Framework: Helping the Industry Protect the Ecosystem

At Cisco, our leadership made the decision over twenty four years ago that we would clearly publicly communicate security vulnerabilities [...]

View all posts.