Managing my Incident Response Team

Your incident response teams contains stakeholders for the incident response process. You can configure up to ten stakeholders as part of your membership.

Examples for internal stakeholders include members of your incident response team, security analysts, application owners, and your security leadership team.

Examples for external stakeholders include individuals from independent software vendors (ISV) and managed service providers (MSP) that you want to include in an incident response process.

Note

Setting up your incident response team does not automatically grant teammates access to service resources such as membership and cases. You can use AWS managed policies for AWS Security Incident Response to grant read and write access to resources. Click here to learn more.

Your incident response teammates specified on a membership level will be automatically added to any case. You can add or remove individual teammates at any time after a case has been created.

The incident response team will receive an email notification on the events listed in communication preferences.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Security Incident Response dashboard

Communication Preferences