incident-response
Installation
SKILL.md
Incident Response Skill
Purpose
Defines security incident response procedures following NIST SP 800-61 and ISO 27001 Annex A.16.
Incident Classification
| Severity | Description | Response Time |
|---|---|---|
| Critical | Data breach, system compromise | Immediate (< 1 hour) |
| High | Active exploitation, service outage | < 4 hours |
| Medium | Vulnerability detected, policy violation | < 24 hours |
| Low | Minor security event, informational | < 72 hours |