Announcing the Incident Response Program Pack v1.5
02/16/2025
This release is to provide you with everything you need to establish a functioning security incident response program at your company.
In this pack, we cover
- Definitions: This document introduces sample terminology and roles during an incident, the various stakeholders who may need to be involved in supporting an incident, and sample incident severity rankings.
- Preparation Checklist: This checklist provides every step required to research, pilot, test, and roll out a functioning incident response program.
- Runbook: This runbook outlines the process a security team can use to ensure the right steps are followed during an incident, in a consistent manner.
- Process workflow: We provide a diagram outlining the steps to follow during an incident.
- Document Templates: Usable templates for tracking an incident and performing postmortems after one has concluded.
- Metrics: Starting metrics to measure an incident response program.
GitHub:
https://github.com/securitytemplates/sectemplates/tree/main/incident-response/v1
Updates: https://github.com/securitytemplates/sectemplates/blob/main/incident-response/v1/UPDATES.md
Licensing
This project utilizes a modified creative commons license.
About SecTemplates
To provide simplified, free, and usable open-source templates to enable engineering and smaller security teams to bootstrap security capabilities in their organizations.