🌙
 

Subscribe to the Taegis™ XDR Documentation RSS Feed at .

Learn more about RSS readers or RSS browser extensions.

Incident Response (IR) Playbook Development

Incident Response (IR) Playbook Development

Service Overview

Playbooks contain incident-specific guidance for responding to a potentially chaotic situation. While an IR plan provides an overarching technical and non-technical organizational response to any cybersecurity incident, a playbook contains guidance for a specific type of incident. Playbooks are typically used for common or high-profile incident types that may require additional planning, such as specific steps to follow for responding to a malware attack.

Service Methodology

Secureworks will work with you to determine the scope of the playbook and the incident type (e.g., ransomware, phishing attempts) for which the playbook will be used. After the specific scope is determined, Secureworks will request existing documentation (e.g., IR plans, process guides, pre-existing playbooks). This documentation enables Secureworks to understand your current security posture and practices to ensure that development of the playbook will be in alignment with your IR plan, tools, and other response processes.

As deemed necessary, facilitated workshops and interviews may also be conducted with your primary stakeholders to rapidly gather a complete understanding of overall requirements, critical business requirements, and existing response capabilities.

Outcome

Secureworks will create an IR playbook that is in alignment with your IR plan, tools, and other response processes.

While not a firm pre-requisite, it is highly recommended that you have an existing IR plan because the playbook will be developed to incorporate pre-existing IR planning. If you do not have an existing IR plan or believe your plan needs expert review, then we encourage you to consider our services for developing an IR plan or reviewing your existing IR plan.

Scope and Service Units

Depending on the subject of the IR playbook and the amount of pre-existing planning, playbooks require between 4 and 8 service units.

Scheduling and Booking Information

See Service Scheduling for information about scheduling this service.

 

On this page: