Language:

Security Learning Center

What is Incident Response?

An Incident Response team is ready to help contain and remediate an attack that successfully compromises assets.

LEARN Managed Security Services Incident Response

Services

Managed Services

FAQ

Frequently Asked Questions on Incident Response

Glossary of Terms

Common terminology related to Incident Response

Learn about Incident Response

A strong cybersecurity program is intended to defend against attacks by limiting exposure to threats, but nothing is completely impenetrable. Sometimes attacks are successful, and efforts must shift gears to assess, investigate, and contain the attack to minimize damage.

Incident Response: FAQ

  • 1 What is considered an incident?

    An incident falls into one of the following categories:

    • Data breach
    • Stolen IT equipment such as a laptop, hard drive, server, etc.
    • Internal or external network intrusion
    • Rogue employee

  • 2 What is the process for response?

    • Sample collection/data gathering
    • Analysis
    • Containment
    • Remediation
    • Education