Conceptos y retos en la atención de incidentes de seguridad y la evidencia digital

The continuous reports of security vulnerabilities and new ways to have access to privileged resources of our host, notice the necessity to be prepared to face a possible attack in our computational infrastructures and Communications. Therefore, the organizations that would maintain high security levels, require to establish, along with the good computer security practices, computer incident response teams, strategies for the identification and harvesting of the evidence of the incident, as well as personal permanently trained in computer security. In this sense, this article offers to readers an analysis scenario to think about incident response and digital evidence.