We have a SOC as a service from service a provider. We also have an XDR solution that includes Incident Response services for a limited number of hours as part of its scope of work. SOC analysts and XDR vendor needs to work together on incidents. Audit team has asked us to provide Incident Response testing plan Looking for guidance on what to add in this testing plan submitted by /u/Final-Pomelo1620 [link] [comments]