Guide icon

Metrics and Reporting

Create Incident Response Metrics Worth Reporting

by Adrian Sanabria, IANS Faculty

The purpose of any metric should first and foremost be to improve the processes they serve to measure. In incident response (IR), speed is key – if you’re not faster than your adversary, there should be a plan to get there. Burnout within the IR and security operations center (SOC) teams is also a common issue that metrics can help track and prevent. This piece explains how to create IR metrics that focus on improvement and are likely to resonate with management, including understanding:

  • What IR metrics are not worth focusing on
  • What metrics should be prioritized for improvement
  • What metrics should be reported to management
  • What an ideal response time is
  • How to properly resource metrics tracking and production


Complete the form and we'll send a copy of the IR metrics guide to your email.

Fill out the form to receive your content download.  
* Required Fields

Featured IANS Content

Guide icon

Identity and Access Management

Privileged Access Management (PAM) Decision-Maker

by Idan Shoham, IANS Faculty

Privileged access should be provided to authorized users based on context vs. a one-size-fits-all approach. These workflows are designed to help you determine which accounts or groups should be managed by a PAM process and then how best to grant that privileged access.

See Details
Guide icon

Cloud Network and Host Controls

Six Key Control Areas of Cloud Security

by Dave Shackleford, IANS Faculty

Completely locking down all your cloud workloads is a daunting endeavor. This piece explains how focusing on six key control areas can help ensure security teams get a solid head start in the cloud by adhering to foundational security practices.

See Details
Checklist icon

Vendor and Partner Management

Third-Party Software Security Checklist

by Richard Seiersen, IANS Faculty

While always a focus for security teams, third-party software security garnered more focus and attention following the SolarWinds breach. This checklist offers four high-level best practices for securing third-party software, each with one or more technology solutions. Both commercial and open source solutions are included where available.

See Details