// THREAT DETECTION AND DATA PRIVACY TERM

Mitigation

In cybersecurity, mitigation refers to the actions taken to reduce the severity, impact, or likelihood of a cyber incident or attack. It involves steps to lessen the harm once an incident has occurred or to prevent it from happening in the first place.


TECHNICAL DEFINITION

Mitigation, within the incident response lifecycle, encompasses the tactical measures and security controls deployed to contain a cyber incident, reduce its adverse impact, and prevent further propagation or damage to organizational assets and data, often through isolation, patching, or policy enforcement.

BACKGROUND

The Cybersecurity and Infrastructure Security Agency (CISA), headquartered in Arlington, Virginia, is a component of the United States Department of Homeland Security (DHS) responsible for cybersecurity and infrastructure protection across all levels of government, coordinating cybersecurity programs with U.S. states, and improving the government's cybersecurity protections against private and nation-state hackers.


SYNONYMS & ALIASES

  • Containment
  • Damage Control
  • Risk Reduction
  • Impact Reduction
  • Incident Containment
  • Remediation (partial overlap)

USAGE NOTE

Mitigation is a crucial phase in incident response, focusing on immediate actions to stabilize the environment and prevent further harm after detection.

DEVELOPERS

Organizations developing technology related to Mitigation.

  • Palo Alto Networks

    Develops a comprehensive suite of cybersecurity platforms, including firewalls, cloud security, and endpoint protection, to prevent and mitigate cyber threats.

  • CrowdStrike

    Provides cloud-native endpoint protection, threat intelligence, and incident response services, enabling rapid detection and mitigation of sophisticated cyberattacks.

  • Fortinet

    Offers a broad portfolio of security solutions, including firewalls, intrusion prevention systems, and secure SD-WAN, designed to protect networks and mitigate risks.

  • Splunk

    Specializes in security information and event management (SIEM) and security orchestration, automation, and response (SOAR) platforms to help organizations detect, investigate, and mitigate security incidents.

  • Mandiant (Google Cloud)

    Provides advanced threat intelligence, incident response, and security consulting services to help organizations prepare for, respond to, and mitigate cyber breaches.

  • Cloudflare

    Offers web performance and security services, including DDoS mitigation, web application firewalls (WAF), and bot management, to protect internet properties from attacks.

  • Microsoft Security

    Develops a wide range of enterprise security products, including endpoint detection and response (EDR), cloud security, and SIEM solutions, for comprehensive threat prevention and mitigation.

  • Akamai

    Provides cloud security solutions, including DDoS protection, web application and API protection, and bot mitigation, to secure online experiences and critical infrastructure.

RELATED TERMS IN INCIDENT RESPONSE