How to Respond to Cybersecurity Incidents: Exploring the NIST and SANS Incident Response Models

NIST's Incident Handling Model and SANS' PICERL Incident Response Model outline best practices when responding to active cybersecurity threats. In this edition of #TechTalkTuesday, we discuss each model and important considerations for incident responders at each phase.

Please like and subscribe to support our channel!

Follow us on Twitter: https://twitter.com/insaneforensics
Follow us on LinkedIn: https://www.linkedin.com/company/insane-forensics
Hire us for your next threat hunt: https://insaneforensics.com/

Chapters:
00:00 - Intro
00:23 - Overview of NIST's Cyber Security Incident Handling Model
02:57 - Overview of SANS' PICERL Incident Response Model
03:46 - Incident Response Preparation Phase
07:30 - Incident Response Identification, Detection, and Analysis Phase
10:35 - Incident Response Containment, Eradication, and Recovery Phase
13:13 - Incident Response Lessons Learned and Post-Incident Analysis
17:32 - Wrapping Up