Moment's Notice: The Immediate Steps of Incident Handling

by Ben Malisow
Sept. 19, 2017 1 comment Symantec Detection & Response incident handling

The response to systems security incidents is as, if not more, important as detection. What actions you perform subsequent to identifying an incident will not only affect your organization's operations, but may impact future such procedures, your security posture, and the outcome of the situation. This article covers the topic of response, including matters of scale, operational constraints, appropriate countermeasures, legal concerns, and hints for proper implementation. While not technical in nature, this study of response procedures might give you some insight on how to handle the more ambiguous elements of systems security: human factors, policy, and time.

2flash 5 months, 1 week ago

Nicely written but a bit 'blurry' in my opinion. Could use some post-editing....