October 20

Webinar takeaway – IR Playbooks – A New Open Source Resource

Security

0  comments

My key takeaways

  • management wants to know what, not how
  • IR plan aka policy
  • IR playbook aka process
  • microplays aka procedures
    • microplays are the actual steps to be taken in response to an incident
  • you don't plan while under stress
    • that's when a playbook becomes handy
  • even if every incident is unique and the environment is uinque, there usual process are most time the same and can be written down in a playbook
  • an incident commander connects the C-Level and the IR team

Env

additional links

User comments

  • Fraggle780 — heute um 19:41 Uhr yes - contain is isolation, eradicate is nuking from orbit
  • SilentTom — heute um 19:43 Uhr Please dont power down. You make us forensic analysts very sad;-)
  • MaliciousPackage — heute um 19:49 Uhr Awwww why so much hate for the red team?
    • Velda | The Deputy — heute um 19:50 Uhr Their offensive 😄

Tags

incident response, playbook

You may also like

Webinar takeaway – IR Playbooks – A New Open Source Resource

My key takeaways management wants to know what, not how IR plan aka policy IR playbook aka process microplays aka procedures microplays are the actual steps to be taken in response to an incident you don’t plan while under stress that’s when a playbook becomes handy even if every incident is unique and the environment

Read More
Leave a Comment