Incident Response, Formal steps to handle security incidents, Preparation, Planning and tools needed before an incident, Detection, Identifying and reporting the incident, Containment, Isolating affected systems to prevent spread, Eradication, Removing malicious components or access, Recovery, Restoring systems to normal operation, Lessons Learned, Reviewing the incident and improving defenses, SIEM, Security Information and Event Management platform, SOAR, Security Orchestration, Automation, and Response platform, Syslog, Logging protocol used for event messages, Log Analysis, Reviewing logs to find anomalies or threats, Penetration Test, Authorized attack simulation to find weaknesses, Vulnerability Scan, Automated scan to identify vulnerabilities, DLP, Data Loss Prevention – protects sensitive data from leaking, Threat Intelligence, Feeds of information about current cyber threats.

Security Operations

oleh
Cetakan
Benamkan

Papan mata

Gaya visual

Pilihan

Tukar templat

)
Pulihkan autosimpan: ?