Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/swannman/ircapabilities
Incident Response Hierarchy of Needs
https://github.com/swannman/ircapabilities
Last synced: 27 days ago
JSON representation
Incident Response Hierarchy of Needs
- Host: GitHub
- URL: https://github.com/swannman/ircapabilities
- Owner: swannman
- Created: 2016-12-18T21:56:53.000Z (almost 8 years ago)
- Default Branch: master
- Last Pushed: 2023-04-19T20:04:07.000Z (over 1 year ago)
- Last Synced: 2024-10-06T19:41:27.087Z (about 1 month ago)
- Homepage: https://twitter.com/MSwannMSFT
- Size: 480 KB
- Stars: 436
- Watchers: 33
- Forks: 40
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-soc - SOC/IR hierarchy of needs
README
# The Incident Response Hierarchy of Needs
The Incident Response Hierarchy is modeled after [Maslow's Hierarchy of Needs](https://en.wikipedia.org/wiki/Maslow's_hierarchy_of_needs). It describes the capabilities that organizations must build to defend their business assets. Bottom capabilities are prerequisites for successful execution of the capabilities above them:The capabilities may also be organized into plateaus or phases that organizations may experience as they develop these capabilities:
This diagram is available as images ([explanations](https://raw.githubusercontent.com/swannman/ircapabilities/master/hierarchy.png), [plateaus](https://raw.githubusercontent.com/swannman/ircapabilities/master/plateaus.png)) or as a [PowerPoint deck](https://github.com/swannman/ircapabilities/blob/master/IR_Capabilities_Hierarchy.pptx?raw=true).
## How can I use it?
You are welcome to use, modify, and share my description of the incident response hierarchy. It is shared with the community under a [Creative Commons Attribution 4.0 International](https://creativecommons.org/licenses/by/4.0/) license.## I have feedback!
Leaders may describe this concept in different ways depending on their experiences and the needs of their business. This version is based on my experience building incident response capabilities in Office 365, with feedback from the infosec community on Twitter.If you have suggestions or feedback, I would love to hear from you! You can find me on [Twitter](https://twitter.com/MSwannMSFT) and [LinkedIn](https://linkedin.com/in/swannman).