Continuous monitoring of networks, systems, and applications for security events and anomalies.
Handling security incidents.
Incident Triage
Classification
Prioritization
Tracking
Documentation
Contain and Mitigate the Impact