Resources

Free playbooks, checklists, and reference guides for security teams.

SOC Checklists

Phishing investigation, brute-force analysis, malware alert triage, and suspicious login review.

Security Scripts

PowerShell, Python, Bash, and API examples for common security operations tasks.

Policy Templates

Vendor security, acceptable use, access management, AI usage, and incident response documents.

Ransomware Incident Response Playbook

A complete phase-by-phase response playbook for ransomware incidents — from detection and containment through recovery and post-incident review.

Phishing Incident Response Playbook

Step-by-step response for phishing reports — triage, containment, investigation, and recovery including credential compromise handling.

Data Breach Incident Response Playbook

Structured response for confirmed or suspected data breaches, including legal and regulatory notification guidance for GDPR, HIPAA, and CCPA.

SOC Alert Triage Playbook

The standard SOC process for triaging security alerts — 5-step methodology, disposition framework, severity scoring, and SLA targets for L1/L2 analysts.

Threat Hunting Playbook — SOC Edition

A practical threat hunting playbook covering hypothesis building, data sources, SIEM query examples, MITRE ATT&CK hunt hypotheses, and documentation templates.

Endpoint Analysis & Incident Handling Procedures for IOC IP Connection Detection

This playbook provides operational guidance for detecting, triaging, investigating, containing, and remediating endpoint communications involving known malicious or suspicious IP addresses (Indicators of Compromise — IOC IPs).