Codecademy Logo

Remediation and Incident Response

Cybersecurity: Remediation

Remediation is the process of mitigating a vulnerability or threat.

Remediation can happen WITHOUT an incident, but incident response requires remediation. If a security issue is discovered before an incident has occurred, then remediation can take place.

Incident Response

In Cybersecurity, incident response is defined as everything that needs to happen to investigate and recover from an incident.

Cybersecurity: Incident Response Lifecycle

In Cybersecurity, the lifecycle of incident response is:

  • Preparation
  • Detection and Analysis
  • Remediation
  • Review

Incident Response (IR) Playbook

An Incident Response (IR) Playbook is a one size fits all solution that can be used to respond to any incident.

It might contain details such as:

  • Who to contact when an incident is detected.
  • Containment procedures for different types of incidents.
  • Guidelines for how to preserve evidence for investigation.

Parties Involved in Incident Response

Incident response requires many different parties:

  • Programmers
  • Lawyers
  • Public Relations Firms
  • HR
  • and more!

This depends on the severity and type of incident as well as how public-facing it is.

0