
Incident Response in the Age of Cloud

The SOC team works closely with the IR team during the resolution of an incident. Some SOC team members might even be part of the IR team to ensure smooth collaboration between the two teams. Additionally, the SOC team forms an essential part of any organization's defense against cyber threats, implementing the organization's security tools and security strategy. Thus, they are often offered unfiltered information in their incident report, which may include the following.
To ensure all SOC members are familiar with the incident, the description of the incident has to be detailed. It should capture the events leading up to the incident, the immediate effects of the incident, and the organizational resources that were affected. Further, this information should be neatly arranged in a timeline so that the team can deduce the progression of the incident.
Unlike the IR team, the SOC team...