Built to rehearse, never to report.
Every scenario, exercise and decision tree on IncidentResponse.app exists for one reason: to let executive teams practise their worst day in a safe, fictional setting. Nothing here is operational intelligence, and nothing here should be relied on during a real incident. Below is exactly how our scenarios are made — and what they are, and are not.
Everything here is a drill.
All scenarios, exercises, decision trees and related content on IncidentResponse.app are provided solely for training, educational and professional-development purposes. They are designed to help executives, security teams and other professionals rehearse incident-response decision-making in a simulated environment. Nothing on the platform is intended as, or should be relied upon as, operational guidance, legal advice, regulatory advice, security advice, or a substitute for the judgement of qualified professionals during an actual incident.
No real secrets, ever.
Our scenarios contain no personal data, confidential information, trade secrets or other non-public information of any individual, organisation or third party. Any names, roles, systems, indicators or details that appear within a scenario are illustrative only. Other than the historically inspired scenarios described below, any resemblance to real individuals, real organisations, or actual confidential systems or events is unintended and coincidental.
Inspired by the headlines — but the branches are ours.
Certain scenarios are inspired by publicly reported historical incidents. We make these available so that executives and teams can role-play how they might have responded to a comparable situation, and to spark useful discussion about decision-making under pressure.
The decision-tree branches, options, choices, consequences, timelines, technical details and outcomes presented in these scenarios are fictional, illustrative and created for training purposes. They are not a reconstruction of, and have no bearing on, the actual facts, options, deliberations, decisions or actions of any executive, employee, organisation, regulator, adviser or other party involved in the underlying historical event. No statement within any historically inspired scenario should be read as a factual claim about, an opinion on, or a criticism of any real person or organisation, or of any decision they did or did not make.
Plausible, hypothetical, never targeted.
Scenarios that are generated on demand — including those tailored to your industry, organisation profile or stated parameters — are constructed from publicly available information and from plausible vulnerabilities, threat patterns and potential events drawn from general industry knowledge. They are hypothetical and do not represent any specific real incident, any confirmed vulnerability in a specific organisation’s environment, any threat-actor activity targeting a specific organisation, or actionable threat intelligence. On-demand scenarios are not, and should not be treated as, a vulnerability assessment, penetration test, threat report, or any form of advice about a specific organisation’s actual security posture.
When it’s real, call the professionals.
The platform is provided “as is” and without warranty of any kind, express or implied. While it is designed to support thoughtful preparation, you must not rely on the platform, its scenarios, or any output it generates as guidance during an actual incident. In a real or suspected security incident, engage qualified incident-response, legal, regulatory and communications professionals and follow your organisation’s established incident-response, disclosure and reporting obligations.
References to real organisations, products, technologies, regulations or events within historically inspired scenarios are made solely for educational commentary and identification. All trademarks and trade names remain the property of their respective owners; no endorsement or affiliation is claimed or implied.