Incident Response Plans (IRPs)

Incident Response Plans (IRPs) are structured approaches to managing the aftermath of a security breach or cyberattack. The goal is to limit damage and reduce recovery time and costs. This section provides specific IRPs tailored to common incident types, such as malware infections, phishing attacks, ransomware, and compromised user accounts, guiding analysts through the necessary steps from initial detection to post-incident review.

Incident Response Plans:

• Compromised User Account Incident Response Plan (IRP) / Runbook
• Malware Incident Response Plan (IRP) Runbook
• Phishing Incident Response Plan (IRP) / Runbook
• Ransomware Incident Response Plan (IRP) / Runbook