Security response is a blanket term applied to tools and technologies used for responding to security incidents. Even in the least sophisticated environments, security response tools frequently combine manual and automated approaches. For example, endpoint antivirus software can automatically quarantine or delete infected files, while manual intervention may be needed to revoke an attacker’s access after a user account is compromised.
As described under security automation, it is possible to automate security response tools to varying degrees. Modern environments often achieve a sophisticated level of automation, in which software handles the most common incident types with no human intervention at all.