The method for selecting technical implementation of incident response measures

Information security application
Authors:
Abstract:

Considering the increasing importance of timely response to information security incidents, a method is proposed for selecting the technical implementation of information security incident response measures without the involvement of a response team. The method takes into account specified constraints on the mandates provided and on the coverage of response tools. Unlike known methods, it treats the selection problem as an integer (Boolean) linear programming problem. The terms of the objective function are logical variables for information security incident localization that are included in response plans, so that the time spent on information security incident localization is minimized.
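
As an added illustration (not the authors' formulation or code), the sketch below sets up one possible Boolean program of this kind: a variable x_j per candidate implementation, upper bounds derived from granted mandates and tool coverage, and the objective of minimizing total localization time. The candidate names, times, mandates, coverage map, the "exactly one implementation per planned measure" constraint and the exhaustive search standing in for an ILP solver are all assumptions.

```python
from itertools import product

# Constructed candidates: (measure, tool, required mandate, seconds to localize)
CANDIDATES = [
    ("isolate_host", "edr_agent", "host_isolation", 20),
    ("isolate_host", "switch_acl", "network_change", 45),
    ("isolate_host", "manual_unplug", "physical_access", 600),
    ("block_account", "idp_api", "account_disable", 10),
    ("block_account", "local_script", "host_admin", 90),
]
# Constructed coverage map: which assets each response tool can act on
COVERAGE = {
    "edr_agent": {"ws-01"},
    "switch_acl": {"ws-01", "srv-02"},
    "idp_api": {"ws-01", "srv-02"},
    "local_script": {"srv-02"},
}
PLAN = ["isolate_host", "block_account"]  # localization measures in the plan

def select(plan, granted, coverage, asset, candidates=CANDIDATES):
    """Minimize sum(t_j * x_j) over x_j in {0, 1}; return (time, choices) or None."""
    # u_j = 1 only if the mandate is granted and the tool covers the asset,
    # so the constraint x_j <= u_j switches off unusable implementations.
    upper = [int(mandate in granted and asset in coverage.get(tool, ()))
             for _, tool, mandate, _ in candidates]
    best = None
    for x in product((0, 1), repeat=len(candidates)):
        if any(xj > uj for xj, uj in zip(x, upper)):
            continue
        # Assumed plan constraint: exactly one implementation per planned measure.
        per_measure = {m: 0 for m in plan}
        for xj, (measure, *_rest) in zip(x, candidates):
            if xj:
                per_measure[measure] = per_measure.get(measure, 0) + 1
        if any(per_measure[m] != 1 for m in plan) or len(per_measure) != len(plan):
            continue
        total = sum(xj * t for xj, (*_rest, t) in zip(x, candidates))
        if best is None or total < best[0]:
            best = (total, x)
    if best is None:
        return None  # no feasible automated response under these mandates
    chosen = [(m, tool) for xj, (m, tool, _, _) in zip(best[1], candidates) if xj]
    return best[0], chosen
```

A `None` result marks an incident for which the granted mandates and tool coverage leave no feasible automated plan.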