creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-12 06:04:56 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
d5f3fa32486ea335db802d68fe2147fa2da69583
Anthropic-Cybersecurity-Skills/skills/conducting-post-incident-lessons-learned/references/api-reference.md
T
mukul975 c21af3347e Complete folder anatomy for all 649 cybersecurity skills + update LICENSE to Mahipal 
- Add scripts/agent.py and references/api-reference.md to all remaining skills
- Update all 648 LICENSE files: copyright now reads 'Mahipal'
- Add implementing-security-monitoring-with-datadog (new skill with full anatomy)
- All 649 skills now have: SKILL.md, LICENSE, scripts/agent.py, references/api-reference.md
2026-03-11 00:22:12 +01:00

1.5 KiB
Raw Blame History

Post-Incident Lessons Learned — API Reference

Libraries

Library Install Purpose
requests pip install requests API calls to ticketing/SIEM systems
jinja2 pip install Jinja2 Report template rendering
matplotlib pip install matplotlib Timeline and metric visualization

Key Metrics

Metric Formula Target
MTTD Detection time - Incident start < 30 minutes
MTTC Containment time - Detection time < 60 minutes
MTTR Resolution time - Detection time < 4 hours
Dwell Time Detection time - Initial compromise < 24 hours

NIST SP 800-61 Phases

Phase Activities
Preparation Playbooks, tools, training
Detection & Analysis Alert triage, scoping, evidence collection
Containment Short-term and long-term isolation
Eradication & Recovery Root cause removal, system restoration
Post-Incident Lessons learned, action items, metrics

Report Template Sections

Section Content
Executive Summary Impact, scope, duration
Timeline Chronological event sequence
Root Cause 5-Whys or fishbone analysis
Action Items Prioritized P1/P2/P3 with owners

External References

Reference in New Issue View Git Blame Copy Permalink