5 interactive modules · 25 min · knowledge checks + final assessment
Preview the course →Free interactive preview — no purchase requiredAbout this product
Tier 2 training for security team leads, incident coordinators, and security engineers who command incident response. Five modules (~25 minutes total): your role as incident commander (decision-making authority, communication, timeline/documentation, team coordination, escalation — not investigation, execution, or business continuity), the first 6 hours (triage, response planning, execution, documentation under uncertainty), escalation and communication (four tiers of incidents, how to brief leadership, what not to do), cognitive biases and traps that break incident response (hindsight bias, blame culture, analysis paralysis, sunk-cost fallacy, confirmation bias, incompetence assumption), and post-mortems (when to hold, who attends, how to run, avoiding blame while ensuring learning). Grounded in real incident response and behavioral psychology.
What's included
- 5 modules (~25 min total) as HTML5
- 10-question final assessment with score interpretation
- Incident command decision framework
- Escalation tier classification system
- Communications templates and guidance
- Cognitive bias playbook with examples
- Post-mortem facilitation checklist
- Incident log template and documentation guidance
Who it's for
- Security team leads and incident commanders
- Security engineers coordinating incident response
- Security operations center (SOC) leaders
- Organizations wanting to mature incident response coordination
Available formats
Responsive, self-contained course — works on any device. Includes knowledge checks and a scored final assessment.
SCORM 1.2 & 2004 package for your LMS (Workday, Cornerstone, Docebo, Litmos, and more) — tracks completion and assessment scores.
Licensing
Single-organization license. Unlimited incident commanders and security team members within one company. Frameworks and templates are customizable.
Related products
Incident Response Playbook: Your First 5 Minutes
An 18-minute course for all employees on what to do in the first 5 minutes when you spot a security incident — how to report it, what NOT to do, and what happens next.
Cyber Tabletop Exercise Kit — 10 Ready-to-Run Scenarios
10 ready-to-run cyber incident tabletop exercises for security teams, executives, and boards. Each scenario includes facilitator script, staged discussion prompts, common failure modes, and after-action template.