From the course: Static Application Security Testing

Unlock the full course today

Join today to access over 24,600 courses taught by industry experts.

Security incident response policy

Security incident response policy - SonarQube Tutorial

From the course: Static Application Security Testing

Security incident response policy

- [Instructor] Bad things are going to happen. Whether accidental or intentional, there's just no way around it. But you can plan ahead. That's where security incident response policies come into play. I don't know how many times I've uttered the phrase, "Language is important throughout my career," and this is one of the main reasons why. Security events, security incidents, and security breaches are three very different, very distinct things. The security event is a single activity, ideally one that you capture in a log, that could be either a success or a failure. It could also be entirely benign or potentially malicious in nature. An event is just a thing that happened. When you analyze one or more events and detect an active threat, someone or something that intends to harm your organization unless you take action to stop them, that's a security incident. A security breach is a specific type of security…

Contents