| CARVIEW |
- About FIRST
- Mission Statement
- Strategy Framework
- History
- Sustainable Development Goals
- Organization
- FIRST Policies
- Anti-Corruption Policy
- Antitrust Policy
- Bylaws
- Board duties
- Bug Bounty Program
- Code of Conduct
- Conflict of Interest Policy
- Document Record Retention and Destruction Policy
- FIRST Press Policy
- General Event Registration Refund Policy
- Guidelines for Site Selection for all FIRST events
- Identity & Logo Usage
- Mailing List Policy
- Media Policy
- Privacy Policy
- Registration Terms & Conditions
- Services Terms of Use
- Standards Policy
- Statement on Diversity & Inclusion
- Translation Policy
- Travel Policy
- Uniform IPR Policy
- Whistleblower Protection Policy
- Partnerships
- Newsroom
- Procurement
- Jobs
- Contact
- Membership
- Initiatives
- Special Interest Groups (SIGs)
- SIGs Framework
- Academic Security SIG
- AI Security SIG
- Automation SIG
- Cybersecurity Communications SIG
- Common Vulnerability Scoring System (CVSS-SIG)
- CSIRT Framework Development SIG
- Cyber Insurance SIG
- Cyber Threat Intelligence SIG
- Curriculum
- Introduction
- Introduction to CTI as a General topic
- Methods and Methodology
- Priority Intelligence Requirement (PIR)
- Source Evaluation and Information Reliability
- Machine and Human Analysis Techniques (and Intelligence Cycle)
- Threat Modelling
- Training
- Standards
- Glossary
- Communicating Uncertainties in CTI Reporting
- Webinars and Online Training
- Building a CTI program and team
- Curriculum
- Detection Engineering & Threat Hunting SIG
- Digital Safety SIG
- DNS Abuse SIG
- Stakeholder Advice
- Detection
- Cache Poisoning
- Creation of Malicious Subdomains Under Dynamic DNS Providers
- DGA Domains
- DNS As a Vector for DoS
- DNS Beacons - C2 Communication
- DNS Rebinding
- DNS Server Compromise
- DNS Tunneling
- DoS Against the DNS
- Domain Name Compromise
- Dynamic DNS (as obfuscation technique)
- Fast Flux (as obfuscation technique)
- Infiltration and exfiltration via the DNS
- Lame Delegations
- Local Resolver Hijacking
- Malicious registration of (effective) second level domains
- On-path DNS Attack
- Stub Resolver Hijacking
- Detection
- Code of Conduct & Other Policies
- Examples of DNS Abuse
- Stakeholder Advice
- Ethics SIG
- Exploit Prediction Scoring System (EPSS)
- FIRST Multi-Stakeholder Ransomware SIG
- Human Factors in Security SIG
- Industrial Control Systems SIG (ICS-SIG)
- Information Exchange Policy SIG (IEP-SIG)
- Information Sharing SIG
- Law Enforcement SIG
- Malware Analysis SIG
- Metrics SIG
- NETSEC SIG
- Public Policy SIG
- PSIRT SIG
- Red Team SIG
- Security Lounge SIG
- Security Operations Center SIG
- Threat Intel Coalition SIG
- Traffic Light Protocol (TLP-SIG)
- Transportation and Mobility SIG
- Vulnerability Coordination
- Vulnerability Reporting and Data eXchange SIG (VRDX-SIG)
- Women of FIRST
- CCB Initiatives
- FIRST CORE
- Internet Governance
- IR Database
- Fellowship Program
- Mentorship Program
- IR Hall of Fame
- Victim Notification
- Volunteers at FIRST
- Previous Activities
- Special Interest Groups (SIGs)
- Standards & Publications
- Events
- Education
- Blog
Becoming a Member
FIRST welcomes new members. There are three categories of membership:
- Full Members are security incident response teams who assist a defined constituency in preventing and handling security-related incidents;
- Associates: are teams that are not in the security incident response business that have a legitimate interest in and value to FIRST;
- Liaisons: are individuals that have a legitimate interest in and value to FIRST.
Only Full Members have voting rights and discounted event registration fees. Other types of members are able to enjoy other benefits of FIRST membership, such as access to the FIRST MISP instance, Slack Workspace, Groups and mailing lists, and other services. You can see the full list of benefits here.
New members must be sponsored by existing Full Members of FIRST who draft letters of support stating how they know/have worked with the applicant:
- Two sponsors for new Full Members. The primary sponsor must be a Full Member outside the parent/host organization and for Full Member applicants they will also conduct a site visit and report;
- One sponsor for new Associates and Liaisons.
A detailed guide on Membership Process for Full member teams can be found here.
A detailed guide on Membership Process for Associates can be found here.
A detailed guide on Membership Process for Liaisons can be found here.
TEAMS APPLYING TO FIRST: Please start here by completing the Membership Interest Form. Liaisons should not use this form but follow the process here.
The Secretariat will begin the review process at the end of each month. The Membership Committee will review prior to posting for comments from the membership. The Board will review/approve applications during their monthly meeting and approved teams will be notified and invoiced.
Fees
Membership year
The Membership year runs from January until December.
Annual membership fee
| Type of membership | Cost |
|---|---|
| Full Member annual membership | US$ 2,800 |
| Associate annual membership | US$ 2,500 |
| Non-Profit (Associate) annual membership | US$ 1,000 |
| Liaison annual membership | US$ 100 |
The membership fee is subject to change each year.
The membership fee is not refundable upon membership termination.
Initial one-time application fee
An applying FIRST Full Member team must pay an initial one-time application fee of US$ 1,000 after its membership is confirmed. This fee only applies to Full Member memberships, not to Liaison or Associate memberships.
New members
A new member is invoiced when the member is joining FIRST, for:
-
Full Members and Associates: the initial one-time application fee (Full Member only), if applicable the per month pro-rated amount of the annual fee (a team only pays the part of the annual fee for the remainder of the membership year)
-
Liaisons: $100 for remainder of the FIRST calendar year (Jan-Dec) regardless of month joined.
Invoicing procedure
Invoices are sent as PDF per e-mail to the member's FIRST representative and are available for download on the FIRST Portal under Billing & Payment. FIRST does not manage third party invoicing software. Processing and payment of the FIRST invoice is the responsibility of the member.
Full Member and Associates payments can be done by:
- Credit card
- Electronic bank transfer/ACH
Liaison Member payments should be processed by credit card.
All details on payment are specified on the invoices that are sent out, or available on request at: FIRST Membership & Secretariat Services
US Tax information
IRS/form W9:
www.first.org/about/reports/FIRST-W9-2025.pdf
Federal Employer Identification Number:
First.Org, Inc. FEIN 38-3943584
Contact information
FIRST Secretariat FIRST Membership & Secretariat Services