July 2018
Intermediate to advanced
356 pages
9h 18m
English
Content preview from Hands-On Security in DevOps
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Post-incident activity
Hosting a lessons learned meeting or post-mortem analysis report can help the team to learn from the incident. The primary objective of the lessons learned meeting is to look for the improvement of each phase during the security incident response process. This kind of meeting is often neglected once the security issue is solved. It's suggested that you at least document the process of the security incident and incorporate it into the knowledge base.
For a lessons learned meeting, the meeting should focus on how the team can improve together and prevent a similar issue in the future instead of blaming someone for the error. The inputs of the post-mortem meeting typically include the proposed security control changes, ...