Credential Access (Unsecured Credentials) Incident Response Playbook
This download includes the 6clicks Incident Response playbook for Credential Access (Unsecured Credentials) The purpose of a Cyber Security Playbook, or Security Playbook, is to provide all members of an organisation with a clear understanding of their roles and responsibilities regarding cybersecurity: before, during and after a security incident.
Adversaries may search compromised systems to find and obtain insecurely stored credentials. These credentials can be stored and/or misplaced in many locations on a system, including plaintext files (e.g. Bash History), operating system or application-specific repositories (e.g. Credentials in Registry), or other specialized files/artefacts (e.g. Private Keys).
Remember: If you face an incident, follow IRM, take notes, and do not panic. Contact your CERT immediately if needed.
6 steps are defined to handle security Incidents:
- Preparation: get ready to handle the incident
- Identification: detect the incident
- Containment: limit the impact of the incident
- Remediation: remove the threat
- Recovery: recover to a normal stage
- Aftermath: draw up and improve the process
Getting StartedClick "Book a demo" and our team will provide you with an overview of our content library within the 6clicks GRC platform.