Our IR playbook and runbook services ensure that you’re following a predefined process and keeping appropriate resources informed and engaged during a response effort.
As part of these services, we:
Our goal is to help ensure that you’re able to effectively respond to specific incidents that could impact your organization.
Our security practitioners work closely with your team to collect and review current incident response documentation, including any existing incident response plans, associated processes, business workflows, architecture information, technology solutions and documentation related to recent incidents.
Additionally, we conduct Q&A sessions with key personnel to gather additional feedback, data and information that might not be included in the current documentation.
These steps allow us to propose playbook and/or runbook topics that are directly applicable to your organization. We develop the workflows to include all necessary groups, processes, solutions and third parties that will be defined in the process.
Based on the observations made during the documentation review and results of interviews, we’ll develop the incident response playbooks or runbooks to capture workflows or processes specific to the threat defined in collaboration with your organization.
Workflow and process documentation incorporate industry best practices, appropriate roles, notification requirements, applicable solutions and a well-defined structure for responding to the incident. Once finalized after review with your stakeholders, the newly developed documentation can be added to existing incident response plans.
Certifications