Incident Response Plan

The incident-response-plan skill generates comprehensive, step-by-step recovery strategies for IT and cybersecurity breaches. It analyzes specific breach details to produce actionable plans covering containment, eradication, and post-incident review.

When to use it

• Drafting a response protocol immediately after detecting a ransomware infection or data leak.
• Preparing a standardized playbook for your team to handle recurring security incidents like phishing attacks.
• Creating a custom recovery guide for a specific system architecture or cloud environment.
• Simulating disaster scenarios to test the effectiveness of current organizational procedures.

Key capabilities

• Generates structured incident response plans tailored to specific breach types.
• Provides step-by-step instructions for containment and eradication phases.
• Includes recommendations for post-incident analysis and prevention measures.
• Adapts output based on provided details about the affected system or threat vector.

Example prompts

• "Create an incident response plan for a suspected SQL injection attack on our customer database."
• "Draft a step-by-step recovery guide for restoring services after a DDoS event."
• "Generate a post-breach analysis checklist and remediation steps for a compromised employee workstation."

Tips & gotchas

• Provide detailed context about your infrastructure, such as cloud providers or specific software versions, to get more relevant advice.
• Always validate AI-generated security plans with qualified human experts before deploying them in production environments.