The First and Only Incident Response Community laser-focused on Incident Response, Security Operations and Remediation Processes concentrating on Best Practices, Playbooks, Runbooks and Product Connectors. In building the Community, the IRC is aimed to provide, design, share and contribute to the development of open source playbooks, runbooks and response plans for the industry community to use. These playbooks or recipes can be in the form of flowcharts, diagrams, sequences, scripts, orchestration platform playbooks and product integration connectors. Seeking to develop a Community-wide standard, the IRC has also partnered with the OASIS, a nonprofit consortium that drives the development, convergence and adoption of open standards for the global information society. Currently, the OASIS currently is developing an OpenC2 standard for Cybersecurity. The OpenC2 establishes a standardized language for the command and control of technologies that provide or support cyber defenses. The collaborative community created by the IRC is aimed at advancing and addressing the ever present and painful realities of today’s cybersecurity industry.

The IRC was formed to help educate and assist teams with increasing response times, learning better hunt, gather, and block methodologies, all while reinforcing team building, a positive collegial culture, and cooperation amongst the human and corporate constituents of the community, in order to create more effective and efficient information security teams.

Each member of the IRC contributes their time, knowledge, experiences and share a mutual willingness to assist those within the community in need. Some IRC members will be mentors, others will be mentees; some IRC members will share incident response plans, others will share or build connectors, playbooks, visual diagrams and much more. The goal is that of collaboration and reciprocity: if you take, you give, if you give, you can receive. We operate on an honor basis and want to support an environment of innovation, cooperation, content creation, all in support of cybersecurity industry members.

A select group of information security professionals put together their heads and based on market demand and with a little luck, received a large amount of support to kick off the IRC. The IRC is not a product company; it is not here to endorse products, nor is it about selling solutions to the market place. The IRC is about building a trusted advisorship to information security and operational security teams, while at the same time, building a network of loyalty and community amongst the group.

Yes, product vendors can join the community but with some caveats. Please understand this is not a community that tolerates yet another sales person, selling yet another product or capability, as the market has plenty of those. The IRC is a community-driven organization that aims to disrupt the traditional approach and is focused on community, industry connections, playbook sharing, product connectors and industry change. If you are interested in attending a specific IRC event, your company must sponsor one of our innovation categories. These sponsorships help fund training, venues, advertising and efforts. None of the sponsor funding received is used for any staffing or personnel contributions; it’s 100% volunteer-driven and will remain that way. If you are interested in sponsoring any IRC events or volunteer opportunities, please contact us for more information.