Home
Topics
Enterprise Network Security
Network Intrusion Detection and Analysis
Information Security Incident Response-Detection and Analysis
Incident response best practices

Incident response best practices

Date: Jan 03, 2011

Expert Lenny Zeltser discusses incident response best practices including building and testing policies, creating incident response teams and much more.

Topics include:

Can you speak to the maturity of incident response plans within the enterprise? (0:25)
Where are enterprises most challeneged when it comes to incident response? (1:34)
Is there an ideal skillset for an incident handler? (2:44)
Who must sit on an incident response team? (3:43)
How often should organizations review their incident response plans? (6:22)
How often should organizations conduct a dry run of their incident response plans? (7:55)
Can you talk about the NIST framework and whether it should be customized or not? (9:56)
Where do companies make the most mistakes after an incident has occured? (11:55)

About the expert:
Lenny Zeltser is the New York security consulting leader at Savvis Inc. He is also a senior faculty member at SANS Institute, where he teaches a course on reverse-engineering malware.

More on Information Security Incident Response-Detection and Analysis

File integrity monitoring software benefits for the enterprise
VIDEO - In this video, Spryo Malaspinas offers a primer on file integrity software basics and file integrity monitoring software benefits for enterprises.
Verizon VERIS: Wade Baker discusses incident sharing
VIDEO - In this video, Wade Baker discusses his company's incident sharing system, Verizon VERIS, and explains how they hope to improve the incident response process.
Jim Lewis on SCADA security threats, Stuxnet analysis
VIDEO - Jim Lewis, Director and Senior Fellow at the Center for Strategic and International Studies, gives his analysis of the Stuxnet worm, and what he believes are the greatest threats to SCADA systems.
Quiz: Potential pitfalls in DNSSEC deployments
Quiz - Test your knowledge of DNSSEC deployments in this five-question quiz.
DNSSEC deployments: The top 5 concerns and how to avoid them
Podcast - A DNSSEC deployment is possibly the best mitigation for cache poisoning attacks. Learn how to avoid the top five concerns in DNSSEC deployments.
Shared philosophy aids FBI agent’s move to security startup CrowdStrike
News - Attackers are already in the network, so if companies aren’t monitoring activity, they’re not doing enough, said Shawn Henry of CrowdStrike.
( Apr 23, 2012 )
Industry is doomed by automation, misguided IT security strategy, experts warn
News - Blunt experts at InfoSec World said enterprise IT security strategy often misses the mark, but some attendees suggested the experts are out of touch.
( Apr 04, 2012 )
Information security intelligence demands network traffic visibility
Tip - Use the network and host data at your disposal to create business-focused information security intelligence policies and strategies.

Latest Headlines

Featured

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Product Demos

Resource Centers

Blogs

Incident response best practices

Incident response best practices

More on Information Security Incident Response-Detection and Analysis

More from Related TechTarget Sites