Technical Advances

As technology changes, the field of incident response will change accordingly. Some of the changes will ease the response team’s job by automating or simplifying tasks; others will make it more difficult by placing more sophisticated tools and techniques in the hands of offenders. Automated hacking tools, trojans, and worms are now readily available to attackers. Although most of these are easily detectable and relatively unsophisticated, they are far more widespread than in the past. Programming tools are also available to customize them to escape detection or to provide, for example, encrypted control traffic.

Intrusion Detection

The field of intrusion detection has changed dramatically. Although raw packet logging tools ...

Get Incident Response: A Strategic Guide to Handling System and Network Security Breaches now with the O’Reilly learning platform.
