Access revocation
Definition
The removal of permissions, accounts, or trust relationships that the attacker exploited or could exploit. Distinct from credential rotation in that it removes the account or permission entirely rather than changing the secret.
Related terms
- Attack surface reduction
- The systematic elimination of pathways an attacker could use to enter or move within a system. In incident response this includes closing...
- Compensating control
- A security measure that reduces risk when the ideal control cannot be applied immediately. For example, routing traffic through a monitored proxy...
- Credential rotation
- The process of invalidating and replacing passwords, API keys, certificates, and other authentication tokens that may have been exposed during an incident....
- Long-term containment
- The incident response phase in which emergency stabilisation measures are replaced with durable controls, such as patches, credential rotation, and firewall changes,...
- System hardening
- Configuration changes that reduce a system's attack surface by disabling unnecessary services, applying least-privilege access, enabling audit logging, and removing or restricting...
Explained in
- Long-Term Containment and System HardeningThe removal of permissions, accounts, or trust relationships that the attacker exploited or could exploit. Distinct from credential rotation in that it removes...