Glossary

A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z | _1234567890

identify

The first phase of incident response once an alert has been escalated to an incident. It is never optional. This phase involves understanding the following to a degree that allows closure of the incident: the signature, the vulnerability or exposure, the action, the target, the result, and any attack tools involved.