mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-16 07:53:18 +03:00
Cloud Incident Containment Report Template
Case Information
| Field | Details |
|---|---|
| Case ID | |
| Cloud Platform(s) | AWS / Azure / GCP |
| Incident Type | |
| Containment Start | |
| Containment End | |
| IR Lead | |
Affected Resources
| Resource | Type | Account/Subscription | Region | Status |
|---|---|---|---|---|
Pre-Containment Evidence
- Disk snapshots created
- Log exports completed
- Configuration state captured
- Network flow logs preserved
Containment Actions Taken
| # | Time (UTC) | Action | Resource | Result | Executed By |
|---|---|---|---|---|---|
| 1 | | | | | |
Credential Actions
| Identity | Action | Timestamp | Verified |
|---|---|---|---|
| Keys disabled | | | |
| Sessions revoked | | | |
| Password reset | | | |
Network Isolation
| Resource | Previous SG/NSG | Quarantine SG/NSG | Verified |
|---|---|---|---|
Verification Results
- Compromised resource cannot reach internet
- Compromised credentials are non-functional
- Forensic access still available
- No new unauthorized activity detected
Next Steps
- Eradication planning
- Root cause analysis
- Recovery procedures
- Post-incident review