CISA Issues Technical Guidance on Uncovering and Remediating Malicious Network Activity
The Cybersecurity and Infrastructure Security Agency (CISA) has recently issued guidance for network defenders and incident response teams on identifying malicious activity and mitigating cyberattacks. The guidance details best practices for detecting malicious activity and gives step-by-step instructions for investigating potential security incidents and securing compromised systems.
The purpose of the guidance is “to enhance incident response among partners and network administrators along with serving as a playbook for incident investigation.” The guidance will help incident response teams collect the data necessary to investigate suspicious activity within the network, such as host-based artifacts, conduct a host analysis review and an analysis of network activity, and take the right actions to mitigate a cyberattack.
The guidance document was created in..