Scribd Logo
Upload

Welcome to Scribd!

  • Incident Response Report v2

    Uploaded by

    derickoti45
    4 views4 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    4 views4 pages

    Incident Response Report v2

    Uploaded by

    derickoti45

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 4

    CYBER SECURITY UP

    Incident Communication and Reporting


    Employer: Cyber SecurityUP
    Name: Joas A Santos

    Sao Paulo, Brazil 08/20/2023 Version 1


    CYBER SECURITY UP
    INCIDENT IDENTIFICATION INFORMATION
    Date and Time of Notification
    Incident name:
    Analyst Name: Date and Time of Detection

    Function: Location:
    Email/Cell Phone: System or Application: Linux, Windows, Website

    INCIDENT SUMMARY
    Incident Type:
    ☐ Denial of Service ☐ Malware ☐ Dump of Data
    ☐ Unauthorized Access ☐ Phishing ☐ Other
    Incident Description:

    Name and contact details of the people involved:

    Incident Severity
    ☐ Critical ☐ Average
    ☐ High ☐ Low

    Affected Systems:
    ☐ On-premises ☐ IoT/ICS
    ☐ Cloud ☐ Physical

    ACTIONS
    Identification Measures (Incident Verified, Evaluated, Options Evaluated):

    Containment Measures:

    Collected Evidence (System Logs, IoCs, etc.):

    Eradication Measures:

    Sao Paulo, Brazil 08/20/2023 Version 1


    CYBER SECURITY UP
    Recovery Measures (Optional)

    Other mitigation methods:

    Form developed for internal use -Joas Antonio dos Santos / Cyber Security UP

    IMPACT OF THE INCIDENT


    IMPACT OF THE INCIDENT:
    ☐ Users ☐ Others
    ☐ Intellectual Property ☐ Financial

    Affected users:

    COMMUNICATION
    Reviewed by:
    ☐ Security Officer ☐ Department/Team
    ☐ Tech Leader ☐ Other
    Recommended actions taken:

    Initial report completed by:

    Follow-up completed by:

    Lessons Learned
    How well did workforce members respond?

    Have documented procedures been followed? Were they adequate?

    What information was needed before?

    Sao Paulo, Brazil 08/20/2023 Version 1


    CYBER SECURITY UP
    Have any measures or actions been taken that may have inhibited recovery?

    What can workforce members do differently the next time an incident occurs?

    What corrective actions can prevent similar incidents in the future?

    What additional resources are needed to detect, analyze and mitigate future incidents?

    Other conclusions or recommendations:

    additional remarks

    Commitment Indicators

    additional remarks

    Improved Journal of AHIMAA Developed Form

    Subscriptions
    SOC Analyst INCIDENT RESPONSER LEADER SOC Manager

    _____________ _______________ _____________

    Sao Paulo, Brazil 08/20/2023 Version 1

    You might also like