Security Incident Triage

Course Number: it_sastradj_01_enus

Lesson Objectives

  • discover the key concepts covered in this course
  • describe the concepts of security triage and strategies to implement triage
  • describe the tools used in security triage
  • describe automation techniques in security triage
  • describe common tips and rules of thumb for security triage
  • describe the importance of communication and stakeholder management in security triage
  • describe approaches to detecting anomalies and handling them with security triage
  • describe common protocol anomalies that require triage
  • describe monitoring for incidents in security triage
  • analyze SSH activity and describe security events to look for
  • analyze DNS activity and describe security events to look for
  • analyze HTTPS activity and describe security events to look for
  • analyze system log activity and describe security events to look for
  • summarize the key concepts covered in this course

Overview/Description

Explore the importance of security incident triage in handling incidents in a timely and automated manner. Familiarize yourself with anomalies and activities that often require triage.



Target

Prerequisites: none
