Incident Response : Mitigation tasks library
The objective is to have a set of standard and common containment and mitigation tasks that gets applied during a response. While handling an adversary it helps to know what all steps we can possibly do and then accordingly take action based on which part of the kill chain the adversary is in.
Reasoning – The adversary keeps changing their tactics and techniques. They have access to sophisticated code bases. Today is the age of Generative Adversarial Networks(GANs). The defender needs to be able to use his mitigation libraries to generate decisive playbooks on the fly when required.