Skip to main content

Incident Response

NIST 800-34 Revisions 1

NIST Definitions from 800-34 Revisions 1

Incident Response

Summary of Incident Response Terminologies

Incident Response Plan

Processes and tools used in incident response

IR Models and Exercises

Incident Response Models and Exercises

Incident Identification

Monitoring is key to detecting signs of incidents

Escalation and Notification

Act immediately, contain the situation

Incident Mitigation

Full mitigation mode to control damage and loss

Recovery and Reconstitution

Restoring to normal operations

Lessons Learned Sessions

Reflect and Improve

SOAR

Security Orchestration, Automation, and Response

Business Continuity

Sustaining operations during disruption

Business Continuity Plan

Sustaining operations during disruption

SPOF and IT Contingency

SPOF Analysis and IT Contingency Plans