This book is about computer security incident response teams. Sometimes when we mention this phrase, people picture war-painted commandoes, late on a rainy night, in a black helicopter at treetop level, chasing the author of a computer virus through rugged mountainous terrain.
That couldn't be further from the truth. In reality, these teams consist of people who are armed with a plan and a desire to secure and investigate inconsistent, odd, anomalous events, or merely violations of policy on their network and computer systems.
This book is the first to cover the incident response team in depth—from the history and justification for forming one, to the determination of what the team will provide to the organization, to the organization of ...