Incident Management
Security SpecialistOperations & StrategyDevopsSRE
Incident management involves preparing for, detecting, responding to, and recovering from security incidents. By thinking about incident management prior to actually experiencing an incident, you can help increase the likelihood of a timely recovery.
This section contains two different kinds of content:
- Framework guidance: explanatory pages on communication, detection/response, lessons learned, and reference playbooks
- Operational templates: copy-and-adapt incident response documents, templates, and runbooks for internal team use
Use the framework guidance to understand the discipline. Use the incident response template section to build your own operational documentation.
Contents
- Communication Strategies
- Incident Detection and Response
- Lessons Learned
- Playbooks
- SEAL 911 War Room Guidelines
- Incident Response Template