Vault restructure

Richard Kranendonk 2026-04-23 11:51:51 +02:00
parent d45797d121
commit ff77508bd1
1433 changed files with 415450 additions and 1201 deletions


@ -0,0 +1,10 @@
### Step 4: Eradication
Eradication is intended to actually remove malware or other artifacts introduced by the attacks, and fully restore all affected systems.
The SANS eradication process involves:
- **Reimaging**—complete wipe and re-image of affected system hard drives to ensure any malicious content is removed.
- **Preventing the root cause**—understanding what caused the incident preventing future compromise, for example by patching a vulnerability exploited by the attacker.
- **Applying basic security best practices**—for example, upgrading old software versions and disabling unused services.
- **Scan for malware**—use anti-malware software, or Next-Generation Antivirus (NGAV) if available, to scan affected systems and ensure all malicious content is removed.
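
Review bot: The "Reimaging" bullet describes a complete wipe but says nothing about preserving evidence first, while the next bullet, "Preventing the root cause", depends on understanding what caused the incident. Consider adding a sentence to the Reimaging bullet stating that a forensic image or other evidence should be captured before the drive is wiped, so the root-cause step still has material to work from. Two wording points in the same list: "understanding what caused the incident preventing future compromise" is missing a conjunction (suggest "understanding what caused the incident and preventing future compromise"), and "Scan for malware" is imperative where the other three bullet titles are gerunds (suggest "Scanning for malware"). The note also places the malware scan after reimaging without saying whether the scan applies to the re-imaged systems or to others that were not wiped; a short clarification would help.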