Chapter 1. Why Care About Incident Response?

Some organizations think that, given the right technology, computer security is something that they do not have to worry about too much. After all, maybe they just purchased the best firewall on the market and its installation is complete. Is there anything more to do? There is. Technology is not a panacea, so knowledgeable people are needed to understand what is going on with an incident and to make considered decisions.

You need people who will know whether a series of events is just a sequence of unrelated occurrences or a clever attempt to subvert the security of the organization—and they need to know how to counteract it. Without this knowledge, the organization will remain vulnerable to attacks ...

Get Computer Incident Response and Product Security now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.