Book a demo call with us
Cross icon
Response

Containment

Containment is a critical phase of incident response and may involve isolating an infected endpoint from the network, suspending a compromised user account, blocking a malicious IP address, or quarantining a suspicious email. The goal is to stop the attack from progressing further while the full investigation and remediation process is carried out. Speed of containment directly impacts the total damage caused by an incident.

Want to help your analysts focus on the most critical alerts?

Book a demo

Other definitions

Zero-Day

A software vulnerability that is unknown to the vendor and has no available patch at the time it is discovered or exploited.

Read the full definition
Arrow right black

XDR (Extended Detection and Response)

An evolution of EDR that integrates telemetry and detection across multiple security layers into a unified platform.

Read the full definition
Arrow right black

Vulnerability

A weakness in a system, application, or network that could be exploited by an attacker to gain unauthorized access or cause harm.

Read the full definition
Arrow right black
Home
>
Glossary
>
Containment
Qevlar AI
ProductIntegrationsSOC & Vulnerability
SolutionsPhishingNetworkIdentityCloud
For MSSPsFor Enterprise
Company
AboutBlogWhitepapersCareersFAQ
Legal
Terms and conditionPrivacy policy