Incident Triage

Use the building-soc-escalation-matrix skill to build a structured SOC escalation matrix with severity tiers, response SLAs, escalation paths, and notification rules. It includes template, standards mapping, workflows, and scripts for practical building-soc-escalation-matrix usage in security operations and audit work.

analyzing-cyber-kill-chain helps map intrusion activity to the Lockheed Martin Cyber Kill Chain to show what happened, where defenses held or failed, and which controls could have stopped the attack earlier. It is useful for incident response, detection-gap analysis, and analyzing-cyber-kill-chain for Threat Intelligence.