Skip to main content

SANS - Incident Handlers Checklist

Follows the "Incident Handler's Checklist" described in the SANS Institute ‘Incident Handler’s Handbook’ by Patrick Kral.

***Disclaimer: This playbook does not ensure compliance to SANS regulations.

Dependencies#

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks#

  • SANS - Lessons Learned

Integrations#

This playbook does not use any integrations.

Scripts#

  • GenerateInvestigationSummaryReport

Commands#

This playbook does not use any commands.

Playbook Inputs#


NameDescriptionRequired
DataCollectionThe data collection task to use to answer lessons learned questions based on SANS. Specify "True" to automatically send the communication task, and "False" to prevent it.Optional
EmailThe email address to which to send the questions.Optional

Playbook Outputs#


There are no outputs for this playbook.

Playbook Image#


SANS_Incident_Handlers_Checklist