Follows the "Incident Handler's Checklist" described in the SANS Institute ‘Incident Handler’s Handbook’ by Patrick Kral.
***Disclaimer: This playbook does not ensure compliance to SANS regulations.
This playbook uses the following sub-playbooks, integrations, and scripts.
- SANS - Lessons Learned
This playbook does not use any integrations.
This playbook does not use any commands.
|DataCollection||The data collection task to use to answer lessons learned questions based on SANS. Specify "True" to automatically send the communication task, and "False" to prevent it.||Optional|
|The email address to which to send the questions.||Optional|
There are no outputs for this playbook.