Incident Response, Formal steps to handle security incidents, Preparation, Planning and tools needed before an incident, Detection, Identifying and reporting the incident, Containment, Isolating affected systems to prevent spread, Eradication, Removing malicious components or access, Recovery, Restoring systems to normal operation, Lessons Learned, Reviewing the incident and improving defenses, SIEM, Security Information and Event Management platform, SOAR, Security Orchestration, Automation, and Response platform, Syslog, Logging protocol used for event messages, Log Analysis, Reviewing logs to find anomalies or threats, Penetration Test, Authorized attack simulation to find weaknesses, Vulnerability Scan, Automated scan to identify vulnerabilities, DLP, Data Loss Prevention – protects sensitive data from leaking, Threat Intelligence, Feeds of information about current cyber threats

排行榜

視覺風格

選項

切換範本

恢復自動保存: ?