# Conclusion
<a name="operations-conclusion"></a>

 Each operations phase has unique goals, techniques, methodologies, and strategies. Table 4 summarizes these phases and some of the techniques and methodologies covered in this section. 

* Table 4 – Operations phases: Goals, techniques, and methodologies*


|  Phase  |  Goal  |  Techniques and methodologies  | 
| --- | --- | --- | 
|  Detection  |  Identify a potential security event.  |  [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/security-ir/latest/userguide/operations-conclusion.html)  | 
|  Analysis  |  Determine if the security event is an incident and assess the scope of the incident.  |  [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/security-ir/latest/userguide/operations-conclusion.html)  | 
|  Containment  |  Minimize and limit the impact of the security event.  |  [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/security-ir/latest/userguide/operations-conclusion.html)  | 
|  Eradication  |  Remove unauthorized resources or artifacts related to the security event.  |  [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/security-ir/latest/userguide/operations-conclusion.html)  | 
|  Recovery  |  Restore systems to a known good state and monitor these systems to ensure the threat does not return.  |  [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/security-ir/latest/userguide/operations-conclusion.html)  |