
Book Description

With nation-states, organized crime groups, and other attackers scouring systems to steal funds, information, or intellectual property, incident response has become one of today’s most important technology sectors. If you’re not familiar with incident response, this practical report shows security operations center (SOC) analysts, network engineers, system administrators, and management how to conduct a complete incident response program throughout your organization.

Incident response is essential for every business and organization online as more and more attackers look to make a statement, gather information, or make a buck. In this short primer, author Ric Messier explains foundational concepts and then shows you how to identify and categorize incidents. You’ll learn why preparation is key for detecting activity and responding quickly.

  • Explore incident response concepts, including the precise meaning of risk, events, incidents, and threats
  • Understand the steps necessary to conduct incident identification and categorization
  • Learn how threat intelligence helps you discover who’s attacking and why
  • Use threat intelligence to conduct threat hunting and inform your prevention and detection strategies
  • Understand why an incident response program will help you limit the number of investigations you conduct

Table of Contents

  Introduction
  1. Incident Response Basics
    1. Risk
    2. Events
    3. Incidents
    4. Threats
  2. Incident Identification and Categorization
    1. Gathering Information
      1. Log Sources
      2. Log Aggregation
      3. Security Information and Event Management
    2. Categorizing Attacks
      1. Attack Life Cycle
      2. Cyber Kill Chain
      3. Diamond Model
  3. Threat Intelligence
    1. Threat Landscape
    2. Tactics, Techniques, and Procedures
    3. Integrating Threat Intelligence
  4. Next Steps