1-10-60 Rule

Dmitri Alperovitch, CTO at CrowdStrike, breaks down the 1-10-60 rule and why organizations should track and improve their incident response times with this benchmark in mind i.e.

Detect an incident in 1 minute

Investigate the incident in 10 minutes

Remediate or contain the incident in 60 minutes

1-10-60

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.