A breach analysis process must often find a balance between functionality and performance. Initial toolsets can rapidly identify indicators of compromise, while final toolsets enable deep-data analysis but at the cost of additional time and resources. Organizations must decide when it is appropriate to use tools that will accelerate the forensic identification process but still provide an accurate assessment of the breach event. The second in a two-part series on incident response, this brief discusses the goals of breach analysis as well as its different phases and tools. Why is it important for organizations to understand each phase of this process? Learn how breach analysis can help your organization efficiently manage incoming threats.