Commit 6d2c821

Merge pull request #160 from owaspsamm/aramhovsepyan-patch-1
Update O-Incident-Management.yml
2 parents 203087a + 511edb3 commit 6d2c821

1 file changed

+2
-2
lines changed

model/security_practices/O-Incident-Management.yml

Lines changed: 2 additions & 2 deletions
@@ -20,11 +20,11 @@ shortDescription: This practice addresses activities carried out to improve the
2020

2121
#A multi-paragraph description of the security practice
2222
longDescription: |
23-
Once your organization has applications in operation, you're likely to face security incidents. In this model, we define a security incident as a breach, or the threat of an imminent breach, of at least one asset's security goals, whether due to malicious or negligent behavior. Examples of security incidents might include: a successful Denial of Service (DoS) attack against a cloud application, an application user accessing private data of another by abusing a security vulnerability, or an attacker modifying application source code. The Incident Management (IM) practice focuses on dealing with these in your organization.
23+
Once your organization has applications in operation, you are likely to face security incidents. In this model, we define a security incident as a breach, or the threat of an imminent breach, of at least one asset's security goals, whether due to malicious or negligent behavior. Examples of security incidents might include: a successful Denial of Service (DoS) attack against a cloud application, an application user accessing private data of another by abusing a security vulnerability, or an attacker modifying application source code. The Incident Management (IM) practice focuses on dealing with these in your organization.
2424
2525
Historically, many security incidents have been detected months, or even years, after the initial breach. During the "dwell time" before an incident is detected, significant damage can occur, increasing the difficulty of recovery. Our first activity stream, Incident Detection, focuses on decreasing that dwell time.
2626
27-
Once you have identified that you're suffering from a security incident, it's essential to respond in a disciplined, thorough manner to limit the damage, and return to normal operations as efficiently as possible. This is the focus of our second stream.
27+
Once you have identified that you are suffering from a security incident, it's essential to respond in a disciplined, thorough manner to limit the damage, and return to normal operations as efficiently as possible. This is the focus of our second stream.
2828
2929
#The relative order of this practice in the business function
3030
order: 1
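
Review bot: The contraction cleanup is incomplete on new line 27: "you're" becomes "you are", but "it's essential" in the same sentence stays contracted. If the intent is to remove contractions from longDescription, change it to "it is essential" in this commit so the paragraph is consistent. While touching new line 23, "an application user accessing private data of another" would read more clearly as "another user's private data"; the rest of that line is unchanged apart from the contraction.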
