From one designer to another, you should know why Playbooks is a fantastic addition to your design tool belt. Playbooks were designed with technical workflows in mind, from incident response to release management, but its flexibility makes it a perfect fit for any repeated process. I love it for creating reusable templates of design checklists and an excellent way to do design review sign-off.

So you’ve set up a Security Orchestration, Automation and Response (SOAR) platform. You’re now ready to detect, respond to and remediate whichever threats cyberspace throws at you, right? Well, not necessarily. In order to deliver their maximum value, SOAR tools should be combined with playbooks, which can be used to drive SOAR systems and ensure that SOARs remediate threats as quickly as possible — in some cases, without even waiting on humans to respond.

In 2021, the Biden administration issued an executive order outlining that the government and private sector need to work together to combat cyberthreats and improve the nation’s collective cybersecurity stance. As cyberattacks become more common and more costly, the United States — like other nation-states — needs to do everything it can to prevent attacks and rapidly respond to them when they occur, which requires modernizing its approach to incident response.

Last week we launched a number of features across the PagerDuty Operations Cloud portfolio to help teams minimize downtime and protect customer experience. One of the areas where PagerDuty continues to invest is collaboration and communication during incident response to ensure that all impacted stakeholders across the business are updated in real-time.

As a former incident responder and now as a responder advocate for FireHydrant, I’ve seen the “build vs. buy” debate play out many times. In fact, I even supported the tool that former employers used for managing incidents for years before they decided to buy (more on that in a future blog post).

The ITIL definition of an incident is “an unplanned interruption to or a reduction in quality of an IT Service or unavailability of the service”. An incident could be caused by an asset that is not functioning properly or a network failure, or a human error.

There is a famous quote that goes like this…‘For every minute spent organizing, an hour is earned.’ At least in the world of incident response, nothing is more apt than this. Digital infrastructure these days is made up of multiple services, an outage could result from either one impacted service or multiple impacted services. So it's essential to have a catalog of all the services along with the point of contact (service owner) responsible for maintaining it.