Episode 3 - (Part 2) NIST SP 800-61 Computer Security Incident Handling Guide (Detection)

Update: 2024-05-31

Description

In this conclusion of the Detection phase, Clint wraps up Incident Prioritisation. This includes Functional impacts of the incident, information impact of the incident and the recoverability of the incident.

Not all of these are needed, or relevant when tracking your incident and Clint explains when to categorise incidents using these factors.

To finish off, Clint discusses incident notification - Who are the stakeholders that need to be informed and included in your incident response process, and how will they be notified?

Auscert: www.auscert.org.au

Comments

Top Podcasts

The Best New Comedy Podcast Right Now – June 2024 The Best News Podcast Right Now – June 2024 The Best New Business Podcast Right Now – June 2024 The Best New Sports Podcast Right Now – June 2024 The Best New True Crime Podcast Right Now – June 2024 The Best New Joe Rogan Experience Podcast Right Now – June 20 The Best New Dan Bongino Show Podcast Right Now – June 20 The Best New Mark Levin Podcast – June 2024

In Channel

Episode 15 -Windows event log analysis with Hayabusa. The Sigma-based log analysis tool

2024-10-1523:20

Episode 14 - AI and the future of log analysis, bug detection, forensics and AI ethical considerations with Jonathan Thompson

2024-09-2201:08:33

Episode 13-ELK EDR and Sandboxing, Home grown CTF environments, DFIR Automation & Forensics in the cloud, with Jacob Wilson

2024-08-2054:55

Episode 12 - You're forced to decide: Cyber Generalist or Cyber Specialist?

2024-08-1317:47

Episode 11 - Velociraptor, Containerisation and Infrastructure Deployed as Code with Myles Agnew

2024-07-2952:46

Episode 10 - Detecting and Preventing Phishing Attacks

2024-07-1719:04

Episode 9 -Unmasking APT40 (Leviathan): Tactics, Challenges, and Defense Strategies

2024-07-1221:48

Episode 8 - Hidden digital forensic logging for Cybersecurity on Any Budget: Practical Strategies for Enhanced Detection and Prevention Using Sysmon, Blocking Data Exfil with group policy and printer forensics

2024-07-0719:57

Episode 7 - Defending Against Scattered Spider: Understanding Their Tactics, Techniques, and Procedures

2024-06-2517:07

Episode 6 - Responding to ransomware - is your VPN a target? Plus ransomware risk mitigation with Phil Ngo

2024-06-2026:11

Episode 5 - NIST SP 800-61 Computer Security Incident Handling Guide (Post-Incident Activity)

2024-06-1233:06

Episode 4 - NIST SP 800-61 Computer Security Incident Handling Guide (Containment,Eradication and Recovery)

2024-06-0722:10

Episode 3 - (Part 2) NIST SP 800-61 Computer Security Incident Handling Guide (Detection)

2024-05-3111:41

Episode 3 - NIST SP 800-61 Computer Security Incident Handling Guide (Detection)

2024-05-2846:52

Episode 2 - NIST SP 800-61 Computer Security Incident Handling Guide (Preparation)

2024-05-1727:17

Episode 1 - Digital forensics trends and preparations, learning from real life case studies & DFIR training for getting started

2024-05-1623:27

00:00

Episode 3 - (Part 2) NIST SP 800-61 Computer Security Incident Handling Guide (Detection)

#box-pro-ellipsis-173457642494526{-webkit-line-clamp:2;}Episode 3 - (Part 2) NIST SP 800-61 Computer Security Incident Handling Guide (Detection)

Episode 3 - (Part 2) NIST SP 800-61 Computer Security Incident Handling Guide (Detection)

Clint Marsden

Episode 3 - (Part 2) NIST SP 800-61 Computer Security Incident Handling Guide (Detection)