Incident response – Reporting

Incident response – Reporting: Reporting involves documenting the incident and the actions taken to resolve it. This includes creating a report that describes the details of the incident, the impact on the organization, and the steps taken to mitigate the impact. Reporting is important for tracking the effectiveness of incident response efforts and identifying areas […]

Incident response – Response/mitigation

Incident response – Response/mitigation: Response refers to the actions taken to address the incident and minimize its impact. This may include isolating affected systems, blocking access to malicious websites, or restoring data from backups. Mitigation involves taking steps to prevent future incidents from occurring, such as patching vulnerabilities or implementing additional security measures. For example, […]

Incident response – Review and improvement

Incident response – Review and improvement: Review and improvement involves evaluating the effectiveness of the incident response process and making improvements as needed. This may include reviewing the incident response plan, identifying areas for improvement, and implementing changes to enhance the organization’s ability to handle future incidents. For example, a company may conduct a review […]

Immutable Infrastructure

Immutable Infrastructure: The concept of replacing existing infrastructure components or systems instead of updating them. With an immutable infrastructure, once a system or component is deployed, it is not modified – any changes lead to a new deployment of a system or component. This philosophy is intended to increase the reliability, consistency, and repeatability of […]

Impersonation

Impersonation: This involves an entity pretending to be another with the intent to deceive. It’s often used as a technique in deceptive attacks, where an attacker may impersonate a legitimate user, system, or device to gain unauthorized access or provoke actions that compromise security. Countermeasures against impersonation include robust authentication protocols, awareness training, and anomaly […]

Implement

Implement: The process of putting a plan or decision into effect, often involving the setup, configuration, and integration of hardware, software, or protocols. In the context of security, implementation could involve the application of a new policy, the installation of a new security system, or the enforcement of a security standard across an organization. Proper […]