2 Incident Response Process

In the last chapter, you learned about the three pillars that sustained your security posture, and two of them (detection and response) are directly correlated with the incident response (IR) process. To enhance the foundation of your security posture, you need to have a solid incident response process. This process will dictate how to handle security incidents and rapidly respond to them. Many companies do have an incident response process in place, but they fail to constantly review it to incorporate lessons learned from previous incidents, and on top of that, many are not prepared to handle security incidents in a cloud environment.

In this chapter, we're going to be covering the following topics:

The incident ...

Get Cybersecurity – Attack and Defense Strategies - Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Cybersecurity – Attack and Defense Strategies - Second Edition by Yuri Diogenes, Erdal Ozkaya

2

Incident Response Process

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly