Incident Response
Learn when to classify events as incidents and how to proceed, including having an incident response plan to prepare for incidents.
Overview
Compared to alerts and events, security incidents are thankfully rare. An organization will experience many different types of security events of varying severity daily. On the rare occasion that an event is severe enough to be classified as an incident, an incident response plan (IRP) should be used. Criteria should be defined in advance to determine whether the event should be treated as an incident.
Get hands-on with 1400+ tech skills courses.