Phases of Incident Response
The aim of the incident response team is to minimize the harm incurred after a security breach by mitigating the loss of data, such as intellectual property, personal information or other sensitive private data. One of the main areas of incident management is malware analysis.
Malware analysis helps responders understand the scope of a malware-based incident and identify other hosts or systems that may be affected; this is not limited to a single network, as certain malware will move easily from one end-system to another. Actionable information from malware analysis can help an organization recognize and more effectively fix the vulnerabilities that were exploited, in order to prevent further compromises.
There are four phases to an incident response:
Phase 1 Preparation —
Identify who is part of the incident response team, ensure that they are adequately qualified and recognize their unique roles and obligations in the event of an intrusion. Through running drill scenarios and executing simulated breaches on a daily basis, the incident response plan can be tested and built upon…