We know that there is no such thing as a one-size-fits-all solution to your company’s cybersecurity response. That’s why our in-house tech team here at FRSecure has created six different comprehensive incident response playbooks to help guide you in responding to the most common security incidents. In keeping with our mission to fix the broken cybersecurity industry, we aim to empower people with self-help tools like this.
These response playbooks were developed based on how our team has successfully responded to real-life security incidents in the past. We hope that you’ll benefit from these playbooks use them to bolster your organization’s response capabilities when common incidents occur.
If the incident is out of control, and an IR provider needs to be called, they can help to mitigate the damage in the meantime, so they’re worth keeping on hand for a multitude of applications.
Outlined in each playbook, are steps to help you prepare to respond to an incident, identify how it happened, contain the issue, eradicate it from your organization, and recover from the event as efficiently as possible.
Each playbook also contains a ‘Lessons Learned’ section which serves to provide a structured meeting format to discuss what went well, what didn’t, and what needs to be changed to avoid similar incidents in the future. This closing activity can better prepare your team to respond if something should ever go wrong in the future.

Self Help Guides for Common Incidents
Here are the types of issues these incident response playbooks will help guide you through:
Business Email Compromise Response Playbook
This playbook is meant to assist in the event of a business email compromise (BEC) event. Phishing scams and BEC incidents are the number one way that ransomware attacks can break through defenses and cripple a business. This playbook gives you a step-by-step guide in responding to a BEC incident.
Web Application Attack Response Playbook
A web application attack can lead to a major security breach—especially if the application in question contains sensitive information about customers or employees. This playbook is meant to guide your response to an attack and re-establish the security of the application.
Having a ransomware response playbook is invaluable for businesses regardless of whether an attack has already occurred or not. This playbook can serve as a step-by-step response guide in the event you find yourself dealing with a ransomware incident.
Lost or Stolen Laptop Response Playbook
The lost or stolen laptop response playbook covers best practices in the event an employee device has gone missing. A compromised device can expose your business to serious security vulnerabilities, so this step-by-step playbook outlines what to do from beginning to end.
Compromised Credentials Response Playbook
Your credentials are a virtual keyring ripe with sensitive information, and if they fall into the wrong hands, they can quickly unlock all of it. This response guide gives you step-by-step help in the event of a compromised credentials incident.
Malware Incident Response Playbook
A malware incident can quickly jeopardize sensitive information, and it’s crucial to respond to the issue as soon as possible due to how rapidly it can spread. This malware incident response playbook gives you step-by-step help in the event of an outbreak.
Adopt and Ask
These playbooks are here whether you’re looking for steps to control an incident as it’s unfolding, or simply trying to be prepared should a security event ever occur in your workplace. While there’s no one-size-fits-all solution, taking steps to prepare yourself and your team can never hurt. An ounce of preparation is worth a pound of cure.
Please feel free to reach out to us with any questions, comments, or concerns regarding our incident response playbooks using our contact form.
Hi Team,
the Playbook for above mention threat are very useful .
Do you have any playbooks for KEYGEN , Torrent, etc
Hi there,
The playbooks above focus on responding to different kinds of incidents. While it’s a good practice to block things like what you’ve referenced in your environment, we don’t have any resources on key generators or torrenting specifically
Hi Team,
Do have any playbook escalation of privilege account and account compromise
Hi there,
The compromised credentials playbook would be closest to what you’re looking for. Hope this helps!
https://frsecure.com/compromised-credentials-response-playbook/