> For the complete documentation index, see [llms.txt](https://docs.inopli.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.inopli.com/drp/client-onboarding-and-configuration/integrations/response-module.md).

# Response Module

The <mark style="color:green;">Inopli DRP module</mark> is tightly integrated with the <mark style="color:green;">Inopli Response module</mark> to ensure that identified threats are not only detected but also managed through structured operational workflows. Once a monitoring profile is active and findings begin to surface, each signal is enriched and classified. Findings presented to the security team or analysts can be marked as true positives, false positives, or benign.

When a <mark style="color:green;">**true positive**</mark> is confirmed by an analyst or an automated rule, the system automatically triggers an escalation process by interfacing with the <mark style="color:green;">**Response module**</mark>. This process results in the <mark style="color:green;">**automatic creation of a security incident**</mark>, which is then assigned to the operations team for handling and resolution.

Each incident contains:

* The original finding and all correlated evidence
* Enrichment metadata from the DRP engine (e.g., entity match, severity, exposure level)
* Audit logs of analyst action (who validated and when)
* Links to response playbooks and historical context if applicable

This seamless integration ensures that threat signals are actionable and traceable, closing the loop between <mark style="color:green;">**detection and response**</mark>. It also helps maintain response consistency and reduces the likelihood of missing relevant threats due to manual friction or communication delays.


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.inopli.com/drp/client-onboarding-and-configuration/integrations/response-module.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.