Which term denotes in-depth analysis of attempted attacks using forensics?

Prepare for the WatchGuard Endpoint Security Essentials Test. Study with multiple choice questions, hints, and explanations. Boost your exam readiness now!

Explanation:
Forensics-driven analysis of attempted attacks sits in the incident response phase: investigators collect and examine evidence from the incident to understand how the attack was carried out, what was affected, and how to prevent a recurrence. This deep dive into attacker methods, timelines, and vulnerabilities is what informs remediation steps and strengthens defenses.

That’s why Remediation and Response is the best fit. It covers investigation, containment, eradication, recovery, and learning from the incident—all of which involve forensic analysis to determine root causes and tighten security.

Detection, by contrast, is about noticing that something malicious is happening, not about analyzing it in depth. Collective Intelligence focuses on sharing threat data, not the hands-on forensic investigation. Anti-Malware Software is a protective tool, not the process that analyzes an attack after it occurs.
