Chapter 15
Threat and Incident Management
What is the concept of defense: The parrying of a blow. What is its characteristic feature: Awaiting the blow.
—On War, Carl Von Clausewitz
Learning Objectives
After studying this chapter, you should be able to:
Present an overview of the process of managing technical vulnerabilities.
Appreciate the importance of security event logging to the event management process.
Understand the nature and purpose of threat intelligence.
Explain the typical nature of cyber attacks and strategies for preventing and responding to them.
Understand the difference between a security event and a security incident.
Present an overview of the security incident management process.
Explain the specialized aspect of incident ...
Get Effective Cybersecurity: A Guide to Using Best Practices and Standards now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.