Use your computer fearlessly.




Mission Services Articles Research






What is Cybersecurity Incident Response?

by Brent Kirkpatrick

(Date Published: .)



Hacking stops when incident response teams take technical measures motivated by forensics to block intrusions.



Incident response in cybersecurity is the high-energy process of responding on-site to cyberattacks in progress. The goal is to deflect the hacker by removing their intrusion routes and cleaning up the back-doors they planted. Hackers generally continue to cause damage until all their routes of access are blocked.

This approach to cybersecurity is new in the last fifteen years. Back in the 1990's, it was sufficient to patch computers each time a virus was discovered. Today, hacking has grown more sophisticated. Hackers aim to remain undetected on networks. IT people may discover a hacker's most obvious efforts, block the intrusion route, and fail to discover a backdoor hiding on another computer.

The approach taken today, to remediate hacking, is to treat it as an ongoing emergency and address the problem using an Incident Response Team. The team employs sophisticated tools to detect the presence of hackers, discover their intrusion routes, scan for exploits, remove exploits, and patch computer systems. These tools often involve digital forensics and extensive trouble-shooting.

Incidence Response is a security consulting service. Rarely is it sufficient to simply install a new firewall. Instead, Incidence Response teams work to discover active vulnerabilities and repair them. These highly skilled teams often come from outside the organization under attack.


Clean-Up. Incident response driven by data and AI.


Business Articles

Why Clean-Up Hacking?
Cascading Data Breaches
Rapid Containment of Intrusions
Incident Response Plan
Rapid Response to Breach, Part 1. Introduction.







INC Logo




What Is New? | Contact | Tips


© 2015, 2016, 2017, 2018 Intrepid Net Computing. All rights reserved.