Incident Response - Formal steps to handle security incidents, Preparation - Planning and tools needed before an incident, Detection - Identifying and reporting the incident, Containment - Isolating affected systems to prevent spread, Eradication - Removing malicious components or access, Recovery - Restoring systems to normal operation, Lessons Learned - Reviewing the incident and improving defenses, SIEM - Security Information and Event Management platform, SOAR - Security Orchestration, Automation, and Response platform, Syslog - Logging protocol used for event messages, Log Analysis - Reviewing logs to find anomalies or threats, Penetration Test - Authorized attack simulation to find weaknesses, Vulnerability Scan - Automated scan to identify vulnerabilities, DLP - Data Loss Prevention – protects sensitive data from leaking, Threat Intelligence - Feeds of information about current cyber threats,

Security Operations

طباعة
تضمين

لوحة الصدارة

النمط البصري

الخيارات

تبديل القالب

استعادة الحفظ التلقائي: ؟