Global Accelerated Learning • Est. 1999
Training Camp • Cybersecurity Glossary

What is Eradication?

Eradication is the incident response phase that removes malware, persistence, and root causes from systems before recovery, per NIST SP 800-61.

Understanding Eradication

Eradication is the incident-response phase, defined in frameworks such as the NIST SP 800-61 lifecycle, in which the root cause and all attacker artifacts are removed from affected systems. This includes deleting malware, closing exploited vulnerabilities, eliminating persistence mechanisms, and disabling compromised accounts before recovery begins. Thorough eradication is essential to prevent reinfection or attacker re-entry once systems are restored to normal operation.
