Chapter 14: Hunting and Investigating Security Incidents
This is the last chapter of the book; it has been an exciting journey and you have learned some new things. In this chapter, you can put into practice your knowledge by working on a practical case of a security incident.
Unlike the previous chapters, you will do most of the work, and you will be able to follow incident response (IR) procedures, organize activities in the incident management (IM) platform, and use different tools for hunting and investigation.
In this chapter, you will learn about the following topics:
- Responding to a data breach incident
- Opening a new IR case
- Investigating the security incident