{"title":"对组织的信息安全事件作出响应的过程的自动化","authors":"S. V. Voloshko","doi":"10.31673/2409-7292.2022.040009","DOIUrl":null,"url":null,"abstract":"The article discusses the process of automating the response to information security incidents of the organization. The main stages of automation planning, key points and a sequence of actions for developing a correct response scenario for a certain type of incident are recommended. As an example, the process of building a scenario for responding to a \"phishing\" incident in accordance with the set of information security solutions defined for the example, which may be available in the organization, is given. The corresponding steps of the response scenario are described in text, plan, and graphic format. A graphic example of the implementation of the developed plan in the SOAR class system is given.","PeriodicalId":107068,"journal":{"name":"Modern information security","volume":"22 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Automation of the process of responding to information security incidents of the organization\",\"authors\":\"S. V. Voloshko\",\"doi\":\"10.31673/2409-7292.2022.040009\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The article discusses the process of automating the response to information security incidents of the organization. The main stages of automation planning, key points and a sequence of actions for developing a correct response scenario for a certain type of incident are recommended. As an example, the process of building a scenario for responding to a \\\"phishing\\\" incident in accordance with the set of information security solutions defined for the example, which may be available in the organization, is given. The corresponding steps of the response scenario are described in text, plan, and graphic format. 
A graphic example of the implementation of the developed plan in the SOAR class system is given.\",\"PeriodicalId\":107068,\"journal\":{\"name\":\"Modern information security\",\"volume\":\"22 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1900-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Modern information security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.31673/2409-7292.2022.040009\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Modern information security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.31673/2409-7292.2022.040009","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Automation of the process of responding to information security incidents of the organization
The article discusses automating the response to an organization's information security incidents. It recommends the main stages of automation planning, key points, and a sequence of actions for developing a correct response scenario for a given type of incident. As an example, it builds a scenario for responding to a "phishing" incident, based on a set of information security solutions defined for the example that may be available in the organization. The corresponding steps of the response scenario are described in text, plan, and graphic format. A graphic example of implementing the developed plan in a SOAR-class system is given.