Incident Response Playbook -- NIST SP 800-61 Rev 2 / SANS Incident Handler's Handbook

Frameworks: NIST SP 800-61 Rev 2 (Computer Security Incident Handling Guide), SANS Incident Handler's Handbook Role: SOC Analyst, Security Engineer, vCISO Time: 30-60 min Output: Incident response plan with severity classification, containment decision tree, communication templates, escalation criteria, and post-incident handoff checklist

1. When to Use

If a target is provided via arguments, focus the review on: $ARGUMENTS

Invoke this skill when any of the following conditions are met: