Reactive services usually consist in post incident reports from constituency or other events related to threats or attacks such as compromised hosts, malware, vulnerabilities or other type of similar incidents.

Examples of such services are:

  • Alerts & Warnings
  • Incident handling
  • Vulnerability handling
  • Artifact handling

The services that fall under this category usually refer to post mortem analysis of an security incident. Alerting the constituency about the incident and providing technical support for solving the problem is a core task of a CSIRT. Technical support can be in the form of system forensics, malware analysis, root cause analysis, incident mitigation.

We use cookies on our website to support technical features that enhance your user experience.
We also use analytics. To opt-out from analytics, click for more information.

I've read it More information