Government Forum of Incident Response and Security Teams (GFIRST)

The Government Forum of Incident Response and Security Teams (GFIRST) is a group of technical and tactical practitioners of security response teams responsible for securing government information technology systems. GFIRST members work together to understand and handle computer security incidents and to encourage proactive and preventative security practices. GFIRST promotes cooperation among the full range of federal agencies, including defense, civilian, intelligence, and law enforcement. The purpose of the GFIRST peer group is to

  • provide members with technical information, tools, methods, assistance and guidance
  • coordinate proactive liaison activities and analytical support
  • further the development of quality products and services for the Federal Government
  • share specific technical details regarding incidents within a trusted U.S. government environment on a peer-to-peer level
  • improve incident response operations

US-CERT Portal

The GFIRST Compartment in the US-CERT Portal provides a secure, web-based collaborative system to share sensitive cyber-related information with participants in the public and private sector, including GFIRST, the CISO Forum, NCRCG, ISAC members, and various other working groups. GFIRST members must meet the following three criteria:

  • be a U.S. citizen
  • have and use a .gov or .mil email address
  • be a part of a U.S. Government Agency cyber incident response team

To learn more or apply for access, please contact

GFIRST National Conference

At this time, there are no additional details available regarding the status of the conference. When details are available regarding future conferences, they will be provided on this website.

Previous GFIRST Programs?

Please contact us if you are interested in receiving any presentations from past conferences.