Containment and recovery

The short-term objective of containment is to isolate the infected hosts before a complete fix is available. The long-term objective of recovery is to identify a security control that prevents a similar security incident from recurring, or that performs automatic recovery as soon as the incident is detected.

For containment, network policy enforcement typically defines network- or host-level containment criteria. Whenever one of the criteria is met, the containment actions can include blocking that specific host, redirecting its traffic so that the latest security patches are applied, and rejecting specific communication traffic or ports.
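As an added illustration (not code from the book), the following Python sketch turns the criteria and actions just described into a small, deterministic containment policy: each host's observed state is checked against the criteria in order of severity, and each match produces a containment decision that can be rendered as a firewall rule. The host records, thresholds, the remediation server address and the iptables rendering are all assumptions chosen for the example.

```python
from dataclasses import dataclass, field
from enum import Enum
from typing import List, Optional

# Assumed address of the patch/remediation server that quarantined hosts are redirected to.
PATCH_SERVER = "10.0.99.10"

# Assumed thresholds for the containment criteria.
BLOCK_ALERT_THRESHOLD = 3     # high-severity IDS alerts in the last hour
BLOCKED_EGRESS_PORTS = {445, 3389}  # lateral-movement ports to reject when a host looks suspicious


class Action(Enum):
    BLOCK_HOST = "block_host"                  # drop all traffic from the host
    REDIRECT_TO_PATCHING = "redirect_to_patching"  # send web traffic to the remediation server
    REJECT_PORT = "reject_port"                # reject a specific destination port from the host


@dataclass
class HostState:
    """Constructed observation of one host, as a network policy engine might hold it."""
    ip: str
    ids_alerts: int = 0                  # high-severity IDS alerts in the last hour
    missing_critical_patches: int = 0    # count reported by the patch-management agent
    suspicious_ports: List[int] = field(default_factory=list)  # ports seen scanning other hosts


@dataclass(frozen=True)
class Decision:
    host: str
    action: Action
    reason: str
    port: Optional[int] = None


def evaluate(host: HostState) -> List[Decision]:
    """Apply the containment criteria in severity order and return the actions to take."""
    decisions: List[Decision] = []

    # Criterion 1: a host that trips the IDS repeatedly is treated as compromised.
    # Blocking supersedes the weaker actions, so we return immediately.
    if host.ids_alerts >= BLOCK_ALERT_THRESHOLD:
        decisions.append(Decision(host.ip, Action.BLOCK_HOST,
                                  f"{host.ids_alerts} high-severity IDS alerts"))
        return decisions

    # Criterion 2: an unpatched host keeps network access only to the remediation server.
    if host.missing_critical_patches > 0:
        decisions.append(Decision(host.ip, Action.REDIRECT_TO_PATCHING,
                                  f"{host.missing_critical_patches} critical patches missing"))

    # Criterion 3: reject only the lateral-movement ports the host has been abusing.
    for port in sorted(set(host.suspicious_ports) & BLOCKED_EGRESS_PORTS):
        decisions.append(Decision(host.ip, Action.REJECT_PORT,
                                  f"scanning port {port} on peers", port=port))
    return decisions


def render_rules(decisions: List[Decision]) -> List[str]:
    """Render decisions as iptables commands (one possible enforcement point; assumed here)."""
    rules = []
    for d in decisions:
        if d.action is Action.BLOCK_HOST:
            rules.append(f"iptables -I FORWARD -s {d.host} -j DROP")
        elif d.action is Action.REDIRECT_TO_PATCHING:
            rules.append(f"iptables -t nat -I PREROUTING -s {d.host} -p tcp --dport 80 "
                         f"-j DNAT --to-destination {PATCH_SERVER}:80")
        elif d.action is Action.REJECT_PORT:
            rules.append(f"iptables -I FORWARD -s {d.host} -p tcp --dport {d.port} -j REJECT")
    return rules


# Constructed sample hosts: one confirmed compromise, one unpatched scanner, one clean host.
SAMPLE_HOSTS = [
    HostState("10.0.0.5", ids_alerts=4, missing_critical_patches=1, suspicious_ports=[445]),
    HostState("10.0.0.6", missing_critical_patches=2, suspicious_ports=[445, 8080]),
    HostState("10.0.0.7"),
]

if __name__ == "__main__":
    for h in SAMPLE_HOSTS:
        for d in evaluate(h):
            print(f"{d.host}: {d.action.value} ({d.reason})")
        for rule in render_rules(evaluate(h)):
            print("   ", rule)
```

The ordering matters: a host that meets the block criterion gets only the block action, so the policy never emits a redirect rule for a host whose traffic is already dropped, and the port rejections are limited to the ports the criteria actually name rather than everything the host touched.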

The following are common security policy enforcement ...
