Articles on Incident Response
Below are my perspectives on Incident Response, drawn from my work as a security leader and practitioner.
- Threat Intelligence A Report Template for Cyber Threat Intelligence Cyber threat intelligence analysts produce credible reports by weighing signals at tactical, operational, and strategic levels. A customizable CTI report template helps analysts capture activity,...
- Threat Intelligence Six Signals for Threat Attribution Credible threat attribution weighs six signals together. Each signal has a disciplined methodology behind it, with citations and stress tests to back the conclusions.
- Artificial Intelligence Write Good Incident Response Reports Using Your AI Tool I released an MCP server to give your AI expertise to write good IR reports from raw notes or to get constructive feedback on existing content. You can replicate my approach to codify your own...
- Communication How to Write Good Incident Response Reports Writing effective incident response reports is essential for communicating critical details, instilling confidence, and facilitating organizational learning. A good report should be concise,...
- Incident Response A Report Template for Cybersecurity and Privacy Incident Response Incident responders need to know which questions to ask and how to communicate the answers to a diverse set of stakeholders. A customizable report template gives the response coordinator that...
- Incident Response Speaking at the Forensic Lunch