Vendor Response

Vendor incident response is just that, Vendor specific. Almost all major hardware and operating system companies have an Internal Response team that seconds as their Vendor Response to clients. They are focused on the following procedures involving an incident with their product.

1. Document the vulnerability to their product.
2. Verify the vulnerability to their product.
3. Determine the cause of the vulnerability.
4. Recommend a course of action.
5. Coordinate resolution efforts.
6. Inform the rest of their customers of the problem and solution.
7. Insert the solution with patches and upgrades.
8. Post mortem analysis of the problem.

Disadvantages of a Vendor Response team are as follows.

1. Vendors response teams are also spin doctors to play down the impact of an incident involving their product.
2. Vendor response possesses an ETA factor before help arrives. Many do not make a site visit unless specific Service Level Agreements are in place for the products.
3. Vendors are loyal to their product and company, making unbiased response evaluation near impossible.
4. They are focused on a specific product, and not your entire organizational infrastructure needs.