Containment

Containment taxonomy generated by the site skill importer.

3 skills
containing-active-breach

by mukul975

containing-active-breach is an incident-response skill for live breach containment. It helps isolate hosts, block suspicious traffic, disable compromised accounts, and slow lateral movement, using a structured guide with practical API and script references.

Incident Response
conducting-cloud-incident-response

by mukul975

conducting-cloud-incident-response is a cloud incident response skill for AWS, Azure, and GCP. It focuses on identity-based containment, log review, resource isolation, and forensic evidence capture. Use it for suspicious API activity, compromised access keys, or cloud-hosted workload breaches when you need a practical cloud incident response guide.

Incident Response
building-soc-playbook-for-ransomware

by mukul975

building-soc-playbook-for-ransomware is a skill for SOC teams that need a structured ransomware response playbook. It covers detection triggers, containment, eradication, recovery, and audit-ready procedures aligned to NIST SP 800-61 and MITRE ATT&CK. Use it for practical playbook creation, tabletop exercises, and security audit support.

Security Audit