HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 55 guests and 1 member online
 
Advertisement

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow Incident Responsearrow Incident Response vs. Incident Handling
EH-Net
May 21, 2013, 10:41:44 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Incident Response vs. Incident Handling  (Read 3983 times)
0 Members and 1 Guest are viewing this topic.
timmedin
Sr. Member
****
Offline Offline

Posts: 469



View Profile WWW
« on: April 17, 2009, 04:19:45 PM »
A good overview of the difference between handling and responding to an incident and the skills needed for each.

Quote
One of the things that comes ups frequently in discussion is the difference between incident response, and incident handling. 
...
That is the difference between Incident Response, and Incident Handling.  Incident Response is all of the technical components required in order to analyze and contain an incident.  Incident Handling is the logistics, communications, coordination, and planning functions needed in order to resolve an incident in a calm and efficient manner. Yes, there are people who can fulfill either role, but typically not at the same time. The worse things get, the greater the requirement for the two different roles becomes.
...

http://isc.sans.org/diary.html?storyid=6205&rss
Logged
twitter.com/timmedin | http://blog.securitywhole.com
unsupported
Sr. Member
****
Offline Offline

Posts: 318


Unofficial Newbie Moderator


View Profile
« Reply #1 on: April 20, 2009, 09:16:49 AM »
I see your post, and raise you a blog.  http://taosecurity.blogspot.com/2009/04/speaking-of-incident-response.html

Quote
Incident response and incident handling are synonyms. If you need to differentiate between the role that does technical work and one which does leadership work, you can use incident response/handling for the former and incident management for the latter.

The blog goes into a further dissection of GCIH as a technical cert, with CERT's CCSI as being the management portion.

I agree with Bejtlich in that being GCIH certified does not automatically grant someone the ability to handle incidents.

But then again, I neither myself or my company would ever pay $9k+ for CERT's cert.. so I'm going GCIH.

Good topic!  I was going to bring it up this morning if someone hadn't.
Logged
-Un
CISSP, GCIH, GCIA, C|EH, Sec+, Net+, MCP
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.066 seconds with 23 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.