Identification
Identification refers to the first step in the incident response process where an organization determines whether they have been breached or not. Security professionals will seek indicators of compromise while …
Revision
Revision refers to the final aspect of incident response, that of revising procedures and systems to ensure an incident doesn’t occur again. During this part of the process, organizations must …
Recovery
Recovery refers to phase four (4) in CyberHoot’s view of Cybersecurity Incident Handling. In this phase, incident handlers proceed with activities that seek to restore essential services and operations in …