3.1 Kick-off meeting template

Copy-paste this agenda for your first ADR integration alignment meeting between AppSec and SOC.

MEETING AGENDA: ADR Integration Kick-off

Field	Value
Duration	60 minutes
Required Attendees	AppSec Lead, SOC Lead, SIEM/SOAR Engineer
Optional Attendees	CISO, Engineering Lead, Change Management
Pre-reads	This handbook (Ch 2–3), ADR vendor documentation

Agenda:

#	Topic	Owner	Time
1	Introductions & goals: what does success look like for each team?	All	5 min
2	Review: ADR two-timeline model (Ch 2) — shared context	AppSec Lead	10 min
3	Current state: what tooling/alerting exists today on each side?	SOC Lead	10 min
4	Walk through integration readiness checklists (3.2 + 3.3)	Both	15 min
5	SIEM/SOAR integration: connector status, log format, alert mapping	SIEM Eng	10 min
6	Decide: Monitor-only or Block Mode? For which apps?	AppSec Lead	5 min
7	Action items, owners, next meeting date	All	5 min

Action Plan Template:

#	Action Item	Owner	Deadline	Status
1	Complete AppSec readiness checklist (§3.2)	AppSec Lead	___
2	Complete SOC readiness checklist (§3.3)	SOC Lead	___
3	Deploy the SIEM/SOAR connector in the test environment	SIEM Eng	___
4	Define the application tier list for Monitor vs. Block mode	AppSec Lead	___
5	Import ADR runbook templates into SOAR	SOC Lead	___
6	Review emergency procedures as a team	Both	___
7	Schedule Week 2 sync	___	___

RACI Matrix — ADR Integration:

R = Responsible, A = Accountable, C = Consulted, I = Informed

Activity	AppSec	SOC	Engineering	CISO
ADR agent deployment & configuration	R/A	I	C	I
Application metadata & naming conventions	R	C	A	I
SIEM connector setup & log onboarding	C	R/A	I	I
Alert severity mapping & triage rules	C	R/A	I	I
Block Mode policy decisions	R/A	C	C	I
Block Mode exception/rollback execution	C	I	R/A	I
Incident response using ADR alerts	I	R/A	C	I
Maturity model progression tracking	R	R	I	A

In this section:

Search results