Agentic AI Atlasby a5c.ai
/
GitHubDocsDiscord
iiRecord
Agentic AI Atlas · Security Incident Response
workflow:security-incident-responsea5c.ai
II.
Workflow JSON

workflow:security-incident-response

Structured · live

Security Incident Response json

Inspect the normalized record payload exactly as the atlas UI reads it.

File · workflows/workflows/workflows-expanded-2.yamlCluster · workflows
Record JSON
{
  "id": "workflow:security-incident-response",
  "_kind": "Workflow",
  "_file": "workflows/workflows/workflows-expanded-2.yaml",
  "_cluster": "workflows",
  "attributes": {
    "displayName": "Security Incident Response",
    "workflowKind": "operational",
    "triggerType": "event-driven",
    "typicalCadence": "on-demand",
    "complexity": "cross-team",
    "description": "Structured response to security incidents — detection confirmation,\nseverity classification, containment actions, evidence preservation,\neradication, recovery, and post-incident review. Follows NIST\nincident response framework with defined communication protocols.\n"
  },
  "outgoingEdges": [
    {
      "from": "workflow:security-incident-response",
      "to": "role:soc-analyst",
      "kind": "involves_role",
      "attributes": {}
    },
    {
      "from": "workflow:security-incident-response",
      "to": "role:blue-team-lead",
      "kind": "involves_role",
      "attributes": {}
    },
    {
      "from": "workflow:security-incident-response",
      "to": "role:incident-commander",
      "kind": "involves_role",
      "attributes": {}
    },
    {
      "from": "workflow:security-incident-response",
      "to": "skill-area:incident-response",
      "kind": "requires_skill_area",
      "attributes": {}
    },
    {
      "from": "workflow:security-incident-response",
      "to": "skill-area:incident-response-forensics",
      "kind": "requires_skill_area",
      "attributes": {}
    },
    {
      "from": "workflow:security-incident-response",
      "to": "skill-area:security-monitoring-siem",
      "kind": "requires_skill_area",
      "attributes": {}
    },
    {
      "from": "workflow:security-incident-response",
      "to": "domain:cybersecurity",
      "kind": "applies_to_domain",
      "attributes": {}
    },
    {
      "from": "workflow:security-incident-response",
      "to": "domain:security",
      "kind": "applies_to_domain",
      "attributes": {}
    },
    {
      "from": "workflow:security-incident-response",
      "to": "responsibility:security-incident-triage",
      "kind": "triggers_responsibility",
      "attributes": {}
    },
    {
      "from": "workflow:security-incident-response",
      "to": "responsibility:incident-response",
      "kind": "triggers_responsibility",
      "attributes": {}
    }
  ],
  "incomingEdges": []
}