https://github.com/qeeqbox/incident-response

Incident response is a set of steps that are used to handle the aftermath of a data breach or cyberattack

## Incident response
Incident response is a set of steps that are used to handle the aftermath of a data breach or cyberattack

## Steps
#### Preparation
This step determines how the organization will respond if a data breach or cyberattack occurs (it is established before the incident)
- List of assets (Risk assessment)
- Communication
- Documentation
- Training
- IR plan

#### Identification
Determine whether a data breach or cyberattack has happened

#### Containment
Once an incident is identified, the affected assets are isolated
- Short-term
- Long-term

#### Eradication
Eliminate the cause of the data breach or cyberattack

#### Recovery
Bring the affected assets back to production and monitor them to ensure everything is back to normal

#### Lessons Learned
Finish up documentation and answer some follow-up questions regarding how to improve the current process

## ID
51a6dc04-1550-4e08-a1e9-f4e909959b4f
