Incident response is responding to an incident that happens. A shocking revelation and wildly unpredictable definition, I know!
Incident response is usually a set of a few actions:
Noticing that something is not right
Communicating that something is not right
Doing something to make things right
Noticing comes through alerting. Sometimes that alert is like a 911 call—an SOS message from a human who has seen an error in your software. A human alert could come in the form of a text message from a friend, an email from a coworker, a ticket to a support system, or even a yell from across the room. Human escalations can be useful, but usually it is preferred to receive alerts from automated systems. Automated systems are preferred because, unlike humans, they are consistent and can be defined in a consistent manner. Humans will come up with new and unique ways to break your system. Automated systems will use your system consistently. When I say automated systems, I mean...