Adhithya Manoj

<div>
<div class="content wysiwyg-content">
Hello experts,<br />
<br />
I was wondering if anyone can help explain the differences between the different incident response models and how they are implemented.<br />
<br />
Something like NIST vs SANS vs ISO and when they should be used, limitations of each model, etc.<br />
<br />
Thanks!
</div>
</div>


Hello experts,

I was wondering if anyone can help explain the differences between the different incident response models and how they are implemented.

Something like NIST vs SANS vs ISO and when they should be used, limitations of each model, etc.

Thanks!

Differences between response models

IT Administration is the processes and best practices for programming and development, and incorporates methodologies for managing activities and projects. Common methodologies include waterfall, prototyping, iterative and incremental development, spiral development, rapid application development, extreme programming and various types of agile methodology. The life-cycle "model" is a more general term for a category of methodologies, and a software development "process" a more specific term to refer to a specific process chosen by a specific organization.

IT Administration

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness, known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Other vulnerabilities include security risks, security defects and constructs in programming languages that are difficult to use properly.

Vulnerabilities

Disaster Recovery is the planning for and creation of policies and procedures related to the resumption or continuation of an organization's functions following a catastrophic event. The term is most frequently used in relation to failure of networks, but DR preparations also include other business systems and personnel considerations.

Disaster Recovery

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.