Chapter 2. Forming an IRT

Like it or not, attacks do happen. Not every attack succeeds in the sense of resulting in a compromise, but attacks do happen. That is a fact of life, and it cannot be ignored. Attackers, in general, are opportunistic. They do not care whether you are a big company or a small family business with a single computer, an international bank or a local charity. If your computers can be compromised, they most probably will be.

After you are attacked, you need to react fast to limit potential damage and, if the worst happens, to prevent further compromises. Any such reaction cannot be the result of an ad-hoc process. Not being prepared will only lead to confusion and an inadequate response. Not having dedicated ...
