This chapter covers
- Examining the six phases of responding to an incident
- Studying a security breach in a fictional organization
- Investigating Linux systems and AWS instances with forensic techniques
- Recovering from a breach: the steps an organization must take
“Everybody has a plan until they get punched in the mouth.”
In the first nine chapters of this book, we worked hard to increase infrastructure security, reduce the exposure of sensitive systems to an intrusion, and limit the impact a breach would have on an organization. Continuously improving the security posture of an organization is critical, but you should also be prepared for the moment an attacker breaches ...