Articles on Incident Response
Below are my perspectives on Incident Response, drawn from my work as a security leader and practitioner.
- Threat Intelligence: Six Signals for Threat Attribution. Intelligence analysts weigh six signals together to build defensible attribution to a threat actor. For each one, they use a disciplined methodology we can cite and stress-test.
- Artificial Intelligence: Write Good Incident Response Reports Using Your AI Tool. I released an MCP server to give your AI expertise to write good IR reports from raw notes or to get constructive feedback on existing content. You can replicate my approach to codify your own...
- Communication: How to Write Good Incident Response Reports. Writing effective incident response reports is essential for communicating critical details, instilling confidence, and facilitating organizational learning. A good report should be concise,...
- Incident Response: A Report Template for Incident Response. Effective incident response relies on clear communication and structured documentation to ensure incidents are handled consistent with stakeholder expectations. A customizable incident report...
- Threat Intelligence: Report Template for Threat Intelligence and Incident Response. Large-scale intrusions require organizing intelligence about adversary actions and response efforts. A threat intelligence report template leveraging the Intrusion Kill Chain, Courses of Action...
- Incident Response: Speaking at the Forensic Lunch