π£ Ready to get started?
π½οΈ [VIDEO] Introducing Sprint 2 (5 minutes)
Welcome to sprint two and the world of incident response.
Watch now
π½οΈ [VIDEO] What is a Security Incident and why do they matter to software teams? (5 minutes)
We dive into what security incidents are, how they typically work and why they matter to software teams like yours.
Watch now
π Find your organization's incident response plan (20 minutes)
Does your organization already have an incident response plan? If so, it's a great time to go find it and have a look.
- Does it mention software-related security incidents?
- Does it have details of how your software teams would be notified if there was an incident in progress?
While this may not be your document, reading what has been built before helps you understand what support and process is already in place.
Remember to add any thoughts, suggestions or findings you have to your Security Debt tracker.
Tip
If your organization doesnβt have an incident response plan, you can find some easy to follow guidance for creating your own from CERT NZ.
https://www.cert.govt.nz/business/guides/incident-response-plan/
π½οΈ [VIDEO] How bad is it? How to decide how serious a software security incident is (5 minutes)
Incidents happen all the time but they're not all equal. Learn how to decide how serious a security incident is for your organization or context.
Watch now
π Create your own Incident Severity Definitions (25 minutes)
Now that you understand the process, letβs create reusable incident severity definitions for use in your team. We even made you a template to help you get started.
Download now