AWS whitepapers documentation change
Summary
Removed entire content including incident response guidance about roles/responsibilities, RACI charts, and subject matter expert involvement.
Security assessment
This change removes documentation about security incident response processes but doesn't reference any specific vulnerability, exploit, or security incident. No evidence exists of it addressing a security flaw; it appears to be routine content removal.
Diff
diff --git a/whitepapers/latest/aws-security-incident-response-guide/define-roles-and-responsibilities.md b/whitepapers/latest/aws-security-incident-response-guide/define-roles-and-responsibilities.md index e9e03b40d..8b1378917 100644 --- a//whitepapers/latest/aws-security-incident-response-guide/define-roles-and-responsibilities.md +++ b//whitepapers/latest/aws-security-incident-response-guide/define-roles-and-responsibilities.md @@ -1 +0,0 @@ -[View a markdown version of this page](define-roles-and-responsibilities.md) @@ -3,33 +1,0 @@ -[](/pdfs/security-ir/latest/userguide/sir-ug.pdf#define-roles-and-responsibilities "Open PDF") - -[Documentation](/index.html)[Security Incident Response](/security-ir/index.html)[](what-is.html) - -# Define roles and responsibilities - -Handling security events requires cross-organizational discipline and an inclination for action. Within your organizational structure, there should be many people who are responsible, accountable, consulted, or kept informed during an incident, such as representatives from human resources (HR), the executive team, and legal. Consider these roles and responsibilities, and whether any third parties must be involved. Note that in many geographies, there are local laws that govern what should and should not be done. Although it might seem bureaucratic to build a responsible, accountable, consulted, and informed (RACI) chart for your security response plans, doing so enables quick and direct communication and clearly outlines the leadership across different stages of the event. - -During an incident, including the owners/developers of impacted applications and resources is key because they are subject matter experts (SMEs) that can provide information and context to aid in measuring impact. Make sure to practice and build relationships with the developers and application owners before you rely on their expertise for incident response. Application owners or SMEs, such as your cloud administrators or engineers, might need to act in situations where the environment is unfamiliar or has complexity, or where the responders don’t have access. - -Lastly, trusted relationships might be involved in the investigation or response because they can provide additional expertise and valuable scrutiny. When you don’t have these skills on your own team, you might want to hire an external party for assistance. - - **Javascript is disabled or is unavailable in your browser.** - -To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions. - -[Document Conventions](/general/latest/gr/docconventions.html) - -People - -Train incident response staff - -Did this page help you? - Yes - -Thanks for letting us know we're doing a good job! - -If you've got a moment, please tell us what we did right so we can do more of it. - -Did this page help you? - No - -Thanks for letting us know this page needs work. We're sorry we let you down. - -If you've got a moment, please tell us how we can make the documentation better.