Syllabus: AINS6301 Automated Response Systems#
Catalog Description#
Builds AI-assisted incident response playbooks, orchestration, remediation, escalation, testing, and learning loops.
Course Structure#
Each week includes readings, a lecture/slide sequence, an executable lab, and an applied deliverable. Students maintain a reproducible project record and submit work through the LMS or GitHub workflow selected by the instructor.
Weekly Schedule#
Week |
Topic |
Essential Question |
Deliverable |
|---|---|---|---|
1 |
Incident response lifecycle |
Where can automation improve response? |
Lab notebook + assignment brief |
2 |
Playbooks and decision trees |
How do procedures become executable response logic? |
Lab notebook + assignment brief |
3 |
SOAR and tool orchestration |
How do response systems coordinate tools? |
Lab notebook + assignment brief |
4 |
Containment and remediation automation |
What actions can be safely automated? |
Lab notebook + assignment brief |
5 |
Human approval and escalation |
When must people remain in the loop? |
Lab notebook + assignment brief |
6 |
Testing response automation |
How can automation be validated before incidents? |
Lab notebook + assignment brief |
7 |
Post-incident learning |
How does the system improve after response? |
Lab notebook + assignment brief |
8 |
Automated response readiness review |
What makes a response system deployable? |
Lab notebook + assignment brief |
Assessment#
Component |
Weight |
|---|---|
Weekly labs and notebooks |
30% |
Applied assignments |
35% |
Participation and technical critique |
15% |
Final synthesis portfolio |
20% |
Graduate Expectations#
Submissions must show technical reasoning, evidence awareness, clear limitations, and responsible use of AI assistance. Code and analysis should be reproducible enough for instructor review.