Guided response

Many security teams are overwhelmed with the increasing volume and complexity of security incidents. Resilient dynamic playbooks can help security teams get ahead. Dynamic playbooks create powerful and agile workflows that can automatically generate response plans based on incident circumstances and adapt them as new information about an incident is uncovered.

Guided response

How dynamic playbooks work

Dynamic playbooks allow security teams to automatically adjust response to an attack based on threat intelligence, whether from internal or external sources.

During an attack, security tools can add artifacts, including IP addresses and malware hashes, to a Resilient incident. Dynamic playbooks automatically enrich these artifacts with threat intelligence from an integrated feed and can determine that the incident’s IP address is a malware command-and-control server.  

Dynamic playbooks automatically increase the incident severity, escalating the response process. For example, if an executive’s device is infected, dynamic playbooks can automatically escalate the incident to a Tier 2 analyst and notify the legal team. Or if an integrated endpoint detection and response solution reveals that the malware hash is found on several other computers in the organization, the playbooks can direct IT staff to reimage the impacted machines.

This all occurs before the analyst even opens the incident. It helps ensure that the right analyst is working with up-to-date intelligence, helping them to effectively manage today’s increasingly complex attacks.

How it works

Resilient: A central hub for incident response orchestration and automation

IBM Resilient Incident Response Platform

Guided and enriched response with Resilient’s integrations and automated workflows

Intelligent orchestration

Guided and enriched response with Resilient’s integrations and automated workflows

Privacy breach preparation and response

GDPR preparation and practice tools

Discover more

The Total Economic Impact of IBM Resilient

Learn how to assess and improve the value of an incident response platform through real-world customer examples

Six steps for building a robust IR function

Learn actionable steps and strategies to improve the speed, effectiveness and intelligence of your incident response function.

Resilient Dynamic Playbooks video

See how Resilient Dynamic Playbooks can help your team adapt to real-time incident conditions.