STUDY PROJECT · IR · NIST
Incident Response Notes
INCIDENT RESPONSENIST SP 800-61PLAYBOOKS

Practical incident response notes and templates covering phishing, malware, ransomware, unauthorized access, and web vulnerability response — aligned to NIST SP 800-61 Rev. 2.

VIEW DETAILS ↓
AREAS COVERED
Phishing
Phishing Response Playbook
Detection, triage, user notification, mailbox quarantine, and IOC extraction steps — aligned to NIST SP 800-61 containment phase guidance.
Malware
Malware & Ransomware Response
Host isolation, forensic imaging, IOC analysis, and recovery steps for malware incidents — including ransomware-specific decisions on payment and restoration.
Access
Unauthorized Access Handling
Detection via SIEM alerts, session termination, credential reset, scope determination, and post-incident privilege review procedures.
Documentation
Templates & Checklists
Reusable IR templates and security checklists for rapid incident documentation — structured for both technical responders and management stakeholders.
REPORT
Incident Response Notes
Full report — findings, methodology, evidence, and remediation guidance.
DOWNLOAD REPORT ↓