Sign in

More Resources: Security incidents

Things to read and watch alongside Rishi Bhargava’s key workflow lessons

By Joshua Timberman

“I think the biggest challenge I see when it comes to security incidents is collaboration: how you collaborate and who you collaborate with.” — Rishi Bhargava

This week on the Allma blog, we featured highlights from our conversation with Rishi on security incident management, touching on everything from communication charts to tabletop exercises to auto-documentation.

We’ve also put together this list of additional resources around security incidents, with industry best practices, step-by-step guides, and more:

Computer Security Incident Handling Guide” from the National Institute of Standards and Technology (NIST), U.S. Department of Commerce
Considered a definitive guide to handling security incidents by many experts in the field, the guide is a linked PDF publication that’s over 70 pages long. It was published in 2012, and even a decade later it remains relevant. This publication is based on best practices from government, business, and academic organizations.

Cybersecurity and Infrastructure Security Agency
⁠CISA is a U.S. government agency that provides many security resources for other government agencies as well as private businesses.

The SANS Institute
⁠The SANS Institute is a research and education organization that provides security training and certification on all aspects of cybersecurity around the world. SANS also operates the Internet Storm Center (ISC), which provides analysis and warning services to identify security incidents that affect organizations around the world.

CSS2018LAS8: Incident Handling Process led by Brian Ventura, SANS instructor and information security architect for the city of Portland
This talk is based on the SANS 504 Incident Handling and Hacker Exploits security training. That training is normally a full day course, and Brian breaks it down into a little less than an hour.

How to create an incident response playbook” from Atlassian
⁠This article uses examples from Atlassian’s very own handbook on incident management, outlining five steps that can be used by other organizations to build their own effective incident-response playbooks.

Security Incident Response Simulations & Workflows from The SaaSOps Show Podcast
This episode of the SaaSOps Show by BetterCloud goes into detail on how their organization does security incident response simulations to prepare their teams for real world incidents.

Joshua Timberman

Head of Advocacy and Community, Allma

Joshua Timberman is an advocate for humans and a community builder. As a system administrator and technical operations engineer for over 20 years, Joshua has worked with and broken computers in every conceivable form and iteration. He's used that experience to develop and run incident management, operations teams, and help improve the working lives of humans who use computers for day to day work. Prior to Allma, Joshua spent almost 13 years building Chef and the Chef community.

Continue the conversation

join the Allma Discord community


Allma– UI-less Incident Collaboration. Natively in Slack.

Get early access

Continue reading

6 key lessons on recruiting from our conversation with Rich ParetIncidentally: An Interview with Ian Marlier
view all posts

our newsletter is cool

allma, inc © 2022