Incident Response


What is an incident response plan? Reviewing common IR templates, methodologies

In today’s threat landscape, it’s no longer if an incident will happen, it’s when. Defending your organization and having a plan for what to do if an incident occurs is more critical than ever. And frankly, the benefits of having an incident response plan are quantifiable. Ponemon’s Cost of a Data Breach Report compared organizations boasting robust security Incident Response (IR) capabilities with those that do not.


5 Steps to Building a Robust Incident Response Plan for your MSP

Today’s organizations face ransomware, malware, and other cyber attacks, and managed service providers (MSPs) need an incident response plan (or “IRP”) to mitigate these threats. In a recent survey of 200 MSPs, 74% of respondents said they have suffered a cyber attack, and 83% noted their small and medium-sized business (SMB) customers experienced one as well. Yet, with an incident response plan (IRP), MSPs can protect themselves and their customers against cyber attacks.


MSP Security Incident Response Planning (a Quick Guide)

Every second counts when it comes to Managed Service Provider (MSP) security — the longer it takes an MSP to complete security incident response, the greater the ramifications of the incident on the service provider and its stakeholders. When faced with a cyber attack, it’s crucial to understand the potential consequences of the security incident. It also is paramount for an MSP to establish a plan, so it can quickly and effectively respond to cyber attacks and other security incidents.


Will XDR Change Incident Response?

Extended Detection and Response (XDR) is a new security technology that promises to change the way security organizations operate, and introduce important efficiencies to day-to-day processes. In particular, XDR is expected to have a huge impact on incident response teams. In this article, we’ll explain the basics of XDR, show how it addresses incident response challenges, and how it can transform traditional processes in the SOC.


SOCstock 2020: Tackle the Human Side of Incident Response with SOAR and Threat Intelligence

It’s easy to overlook the human elements behind cyber threats and cyberattacks. We tend to focus our time analyzing the technical mechanics behind executed attacks, their vulnerabilities and exploits, and their potential mitigation techniques. While these are all important factors, they don’t account for the people behind the threat. This ultimately leaves you exposed and without crucial context to aid you as you allocate security resources and evaluate assets likely to be targeted.


5 Tips for a Faster Incident Response Process

If you work in IT Ops, SRE, or DevOps, you don’t need to be told that every second counts in incident response. You already know that. The challenge for most incident response teams, however, lies in figuring out how you actually improve incident response speed. Beyond obvious, basic steps – such as taking advantage of automation tools for alerting and monitoring, and doing effective post-mortems – strategies for making incident response faster can be elusive.

Masterclass: Advanced series session 2 - Build a high velocity incident response tool chain

In this session of the advanced masterclass series, you'll learn how to link ServiceDesk Plus to the ManageEngine operations tool chain and how to operate an analytics-driven service desk. You'll also learn about features that will help you separate management and bureaucracy, enabling you to accelerate your service desk operations.

Accelerate Incident Response and Incident Management with AIOps. 5 Key Benefits in Cisco Environments

Artificial Intelligence for ITOps (AIOps) can help accelerate incident response with all the incident context, impact assessment, triage data and collaboration & automation tools in one place.


How to Test Your Incident Response Plan: Everything You Need to Know

Cyber threats are constantly evolving. All systems, people and processes around us are unceasingly dependent on technology. Even the most sophisticated cyber defense frameworks that seem virtually impenetrable can be breached by unauthorized intrusions. This escalates the need to formulate a steadfast incident response plan and conduct regular tests to assess its capabilities.


Introducing: Alert Response as Code

Alert Response as Code is Interlink’s software-based, programmatic model for identifying incident alerts and driving an automated response. IT teams can automate the triggering of recovery processes that would otherwise involve running individual, manual steps across multiple applications, devices and operating systems.