
Categorization and Classification Metrics

L1 and L2 analysts must take the time to record the following metrics against each incident.

1.1.1 Actors: Origin

Defines the geographic distribution of the attack as per the VERIS classification of the incident.

1.1.2 Actors: Motive

Defines the motive behind the attacks as per the VERIS classification of the incident.

1.1.3 Actions: Vector

Defines the vector of the attack as per the VERIS classification of the incident.

1.1.4 Actions: Malware.Variety

Defines the distribution of the variety of malware used as per the VERIS classification of the incident.

1.1.5 Actions: Hacking.Variety

Defines the distribution of the type of hacking attack used as per the VERIS classification.

1.1.6 Asset: Management

Defines the distribution of the asset management (asset managed by which part of the business or a third party) as per the VERIS classification of the incident.

1.1.7 Attributes: Variety

Defines the distribution of incidents by platform as per the VERIS classification.
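
As an added example (not part of the original lesson), the sketch below shows how the seven metrics above can be computed as distributions once analysts have recorded a VERIS-style classification for each incident. The field paths are assumptions modelled on the public VERIS JSON layout, and the incident records are constructed sample data.

```python
from collections import Counter

# Lesson metric -> dotted path into a VERIS-style incident record.
# Paths are assumptions based on the public VERIS layout; "*" matches any key.
METRIC_PATHS = {
    "Actors: Origin": "actor.*.country",
    "Actors: Motive": "actor.*.motive",
    "Actions: Vector": "action.*.vector",
    "Actions: Malware.Variety": "action.malware.variety",
    "Actions: Hacking.Variety": "action.hacking.variety",
    "Asset: Management": "asset.management",
    "Attributes: Variety": "attribute.*.variety",
}
NONE = "(none recorded)"  # bucket for incidents where the field is absent

# Constructed sample incidents, not real data.
INCIDENTS = [
    {"actor": {"external": {"country": ["NL"], "motive": ["Financial"]}},
     "action": {"malware": {"variety": ["Ransomware"], "vector": ["Email attachment"]}},
     "asset": {"management": ["Internal"]},
     "attribute": {"availability": {"variety": ["Obscuration"]}}},
    {"actor": {"external": {"country": ["BR"], "motive": ["Financial"]}},
     "action": {"hacking": {"variety": ["Use of stolen creds"], "vector": ["Web application"]}},
     "asset": {"management": ["External"]},
     "attribute": {"integrity": {"variety": ["Modify data"]}}},
    {"actor": {"internal": {"motive": ["Convenience"]}},  # no origin recorded
     "action": {"misuse": {"variety": ["Privilege abuse"], "vector": ["LAN access"]}}},
]

def leaves(node, parts):
    """Yield every value reached by following `parts` through nested dicts."""
    if not parts:
        yield from node if isinstance(node, list) else ([] if node is None else [node])
        return
    if not isinstance(node, dict):
        return  # path does not exist in this incident
    children = node.values() if parts[0] == "*" else [node.get(parts[0])]
    for child in children:
        yield from leaves(child, parts[1:])

def distribution(incidents, metric):
    """Count incidents per value; an incident counts once per distinct value."""
    counts = Counter()
    for inc in incidents:
        values = set(leaves(inc, METRIC_PATHS[metric].split(".")))
        counts.update(values or {NONE})
    return counts

if __name__ == "__main__":
    for metric in METRIC_PATHS:
        print(metric, dict(distribution(INCIDENTS, metric)))
```

Incidents that lack a field are counted under a separate bucket rather than dropped, so gaps in analyst recording show up in the metric itself.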