An Introduction to Incident Handling

by Chad Cook
Sept. 19, 2017 0 comments Symantec Detection & Response incident handling

Incident handling is a generalized term that refers to the response by a person or organization to an attack. An organized and careful reaction to an incident can mean the difference between complete recovery and total disaster. This paper will provide a logical approach to handling two common forms of attack - virus outbreak and system compromise. The method that this article will propose includes the following sequence of steps that should be followed in the case of all types of attack.

https://www.symantec.com/connect/articles/introduction-incident-handling