主页 / 行业报告 / Incident Response Guide
  • 作者
    卡巴斯基 Kaspersky
  • 简介
    • About this guide
      • Terms and definitions
    • Incident Response Basics
      • Attack lifecycle (kill chain)
      • Incident response steps
    • Recommended IR process and rules
      • Preparation
      • Identification
        • Incident triggers
        • Prioritization guidelines
        • Analyzing incidents in SIEM
      • Containment
      • Eradication
      • Recovery
      • Lessons learned
    • Incident response example
      • The attack plan
      • The incident response
        • Preparation (example)
        • Identification (example)
        • Containment (example)
        • Eradication and Recovery (example)
        • Lessons learned (example)
    • Recommended tools and utilities
      • Tools for collecting IOC
        • Sysinternals utilities
        • Tools for creating dumps
        • GRR Rapid Response
        • Forensic Toolkit
        • dd utility
        • Belkasoft RAM Capturer
      • Tools for analysis
        • Kaspersky Threat Intelligence Portal
        • Tools for analyzing memory dumps
        • Tools for analyzing hard disk dumps
        • Strings utility
      • Tools for eradication
        • Kaspersky Virus Removal Tool
        • Kaspersky Rescue Disk
    • AO Kaspersky Lab
    • Trademark notices
  • 援引
    http://m.bobao.360.cn/learning/detail/4330.html
  • 提示
    本站仅做资料的整理和索引,转载引用请注明出处
相关推荐
附件下载
  • Incident_Response_Guide_eng.pdf
    时间: 大小: 2.05 M 下载: 43
  • 卡巴斯基应急响应指南(译).pdf
    时间: 大小: 1.99 M 下载: 45