3

Phases of an Efficient Incident Response on Windows Infrastructure

What is an efficient incident response? The first thing that comes to mind is achieving the incident detection, verification, analysis, and handling activities defined in the SANS PICERL model at the lowest possible cost. All cybersecurity incidents lead to financial losses, which arise from a combination of impacts on the business, resource costs, and third-party involvement costs. Impacts on the business can be fraud, extortion, or the impact caused by business downtime, forced underperformance, or reputational damage.

An incident can be discovered in the different phases of an attack that we discussed in the previous chapter. The earlier the detection happens, the ...
