post-breach analysis

A security breach is any incident that results in unauthorized access to computer data, applications, networks or devices. It results in information being accessed without authorization. Typically, it occurs when an intruder is able to bypass security mechanisms.

Technically, there's a distinction between a security breach and a data breach. A security breach is effectively a break-in, whereas a data breach is defined as the cybercriminal getting away with information. Imagine a burglar; the security breach is when he climbs through the window, and the data breach is when he grabs your pocketbook or laptop and takes it away.
https://www.kaspersky.com/resource-center/threats/what-is-a-...

Post-Breach Analysis
https://www.fdic.gov/formsdocuments/data-breach-guide.pdf

Post-Breach Analysis and Cyber Litigation

If and when a breach occurs, it is extremely important that once the breach has been identified, contained and remedied that you understand where the vulnerability existed. Field Law’s cyber counsel have experience working with forensic experts to assist with:
https://www.fieldlaw.com/Services/Intellectual-Property-Tech...

https://www.google.pl/search?source=hp&ei=vgAzX4KJJMn0aKuhi5...

... several key concepts that allow us to prioritize the post-compromise analysis and remediation for hosts on the same network as the compromised system - https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=91512...

--

This describes some useful techniques for performing a post-compromise forensic analysis of a Red-Hat-like operating system, such as Red Hat Enterprise Linux, CentOS, and Fedora. - https://tinyurl.com/y26r7lgy


--

3. Proactive vs Reactive
This is where I feel cyber threat intelligence has the advantage. When it comes to reactive or post compromise analysis, DCO folks getting a crash course in intelligence will likely be a much better asset to the mission than a traditional intelligence analyst trying to sort out DCO - https://medium.com/adapt-forward-cyber-security/which-is-eas...