 This episode was brought to you by Tripwire a security fans today. We're looking at incident response Now an important part of security is incident response or more accurately Timely and appropriate incident response. I mean imagine calling the police and they didn't turn up on time That's probably a bad example But you know what I mean you go to a restaurant you order your food and a shift doesn't make it on time That's an incident Incident management works in the same way normally all the time your sensors are out there and they catch a whiff or something Dodgy that doesn't smell quite right. So you investigate it a bit Now it's important not to overreact You need to get to the root cause of the problem and get it sorted out in a calm and professional manner If you do all of this you you'll stop the incident before it ferments and causes nappy rash and Turns into a complete disaster In production environments for large organizations sniffing out the bad smells the incidents isn't really as easy Which is why it's important that you really look at your detection controls. Are they in place? Are they good? And more importantly, is anyone even Paying any attention to it Secondly, it's important to have a plan in place and know how you're going to react We we've all heard people saying yes, we've got a plan. We've got a plan But to paraphrase mike tyson everyone's got an incident response plan until they get an incident So figure out what your alarm bells are. What is your early detection system? And then secondly make sure someone knows how to respond to that detection system without getting flustered without overreacting without Calling a chicken little incident even because that's the last thing anyone wants Yeah, chicken little things got really heavy there Stay secure my friends