Eradication

Eradication in the context of incident response involves completely removing the root cause of a security incident to prevent its recurrence. This phase goes beyond just containing the immediate effects of an attack; it focuses on identifying and eliminating the vulnerability, malware, or other underlying factors that allowed the incident to happen in the first place. This might include patching vulnerable systems, removing malicious software, resetting compromised credentials, or reconfiguring network devices.

Visit the following resources to learn more:

@article@Eradication - AWS
@article@What is eradication in Cybersecurity?