August 2001
Intermediate to advanced
240 pages
8h 28m
English
Content preview from Incident ResponseBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Keeping Up with Attack Profiles
Because it is so important to maintain a current knowledge and awareness of the state of the hack, every incident response team must ensure that its members are adequately collecting, analyzing, assimilating, and disseminating the right information. That means that a percentage of time of every person on the team, no matter how small or large, should be spent on maintaining the knowledge base and gathering intelligence. There are a number of ways to do that efficiently, but in the end, there’s no real substitute for reading, testing, and documenting. Some suggestions for maintaining your knowledge base include:
- Open sources of information
There are hundreds of public information sources that directly relate to state of the hack technology issues out on the Internet. These range from web sites to electronic mailing lists and Usenet newsgroups. In fact, finding the groups is the easy part; sifting through the vast amounts of data to separate the quality content from the noise is the difficult part. In their aggregate, these information sources produce an enormous amount of information that is probably more than any one person can reasonably read to any appreciable level of comprehension. One way to optimize a team’s efforts in sifting through these information sources is to assign different lists, technologies, pages, and so forth, to each team member. Another alternative is to use automated data filtering tools to search for particular key words, ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.