# AMA Open Stage | Study GRC | Study GRC - q: We're slowly trying to inject security into our developer mindset. - q: Any of you ever ran into the problem of "sanitization" when it comes to incident response? Sanitization as in - disinfecting your IT assets as you recover and "forensicate" them. - If you can rebuild or provision systems at scale with the data recovered, then that makes things easier for incident responders and forensicators. - q: DR and IR can happen at the same time and stretch your IT ops resources thin. Anyone ever done these tests/TTXs in conjunction? Suggestions? We had previously done them separate.