Incident Response Toolkit

The OODA Loop, developed by US Air Force military strategist John Boyd, focuses on the key essential tactics for responding to any crisis: Observe, Orient, Decide & Act.

• Observe: Use security monitoring to identify anomalous behavior that may require investigation
• Orient: Evaluate what’s going on in the cyber threat intelligence landscape & inside your company, make logical connections & real-time context to focus on priority events
• Decide: Based on observations & context, choose the best tactic for minimal damage & fastest recovery
• Act: Remediate & recover, improve incident response procedures based on lessons learned

AlienVault® Unified Security Management® (USM) helps you put the OODA Loop to work in the real world. Download this white paper to read about a few specific use cases where USM can help you achieve effective incident response.