Incident Response Plan

Snort helps you discover and manage security-related events. Up to this point, the focus of this book has been on gathering intrusion-related data and alerting on it. The question that remains is what to do when you detect a real intrusion. Many novice security practitioners assume that they will deal with the specifics of an incident when it actually arises. The flawed logic is that each security event is unique, so any pre-planning is useless. In fact, security events are best handled by reacting according to a previously developed plan that includes all the appropriate persons. Industry best practices and established guidelines have determined that developing an incident response plan greatly reduces the negative ...

Get Intrusion Detection with Snort now with the O’Reilly learning platform.
