
CISA Releases Interagency Guidance on Cyber Threat Mitigation, Incident Response

The Cybersecurity and Infrastructure Security Agency (CISA) has released a joint advisory on incident response and threat mitigation to help federal agencies in cyber incident investigations.

CISA said Tuesday the “Technical Approaches to Uncovering and Remediating Malicious Activity” guidance collates data from a research effort that the agency launched along with partner entities in the U.K., Australia, Canada and New Zealand.

According to the notice, incident response guidelines detailed in the playbook encompass a “variety of technical approaches to uncover malicious activity. When hunting and/or investigating a network, it is important to review a broad variety of artifacts to identify any suspicious activity that may be related to the incident,” the guidance states.

The international team also provided information on specific procedures such as searching for indicators of compromise (IOC), frequency analysis, pattern analysis and anomaly detection as part of the research effort.