Chapter 1. Why Care About Incident Response?

Some organizations think that, given the right technology, computer security is something that they do not have to worry about too much. After all, maybe they just purchased the best firewall on the market and its installation is complete. Is there anything more to do? There is. Technology is not a panacea, so knowledgeable people are needed to understand what is going on with an incident and to make considered decisions.

You need people who will know whether a series of events is just a sequence of unrelated occurrences or a clever attempt to subvert the security of the organization—and they need to know how to counteract it. Without this knowledge, the organization will remain vulnerable to attacks ...

Get Computer Incident Response and Product Security now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.