...
TODO: add a starter list of artifacts that Mission Control thoughtbot typically delivers.
Architecture Model
...
<Insert details of the application system audit logging processes. Include details about where the log files are located, as well as a brief description of the events captured in each log file>
TODO: Insert standard Mission Control thoughtbot approach to logging and alerting.
...
The <APPLICATION/SYSTEM NAME> Incident Response Team includes the following staff:
Incident Management Team | Phone Number | |
---|---|---|
| | |
The Incident Management Team are engineers who have technical knowledge of the application/system and a full understanding of the Security Incident Response Plan. The first point of contact should be a designated On-Call Engineer.
<If there is an on-call rotation, insert instructions on how to access the rotation>
Client Contact | Phone Number | |
---|---|---|
| | |
Client Contacts are people who understand the business impact of the system and its unavailability, and can make decisions on behalf of the client team.
...
Examples of compromises and the corresponding remediation procedures are provided below. Note that, depending on the nature of the compromise, a combination of remediation procedures may be needed to fully address the cause:
Scenario | Resolution Procedures |
---|---|
<Fill in common scenarios and procedures. Should be reviewed/updated after each incident post-mortem>
...