How does this skill assist during a ransomware attack?

It provides immediate containment strategies to isolate affected systems, followed by step-by-step guidance on eradication and secure recovery from backups.

Does it support post-incident activities?

Absolutely. The skill helps construct timelines of the event and generates comprehensive post-incident reports focusing on lessons learned and future prevention.

When is this skill automatically triggered?

It activates when you mention security-specific terms like 'data breach', 'incident response plan', 'containment', or specific attack types like DDoS and ransomware.

Can it help with forensic evidence preservation?

Yes, it guides users on which logs, network traffic data, and application snapshots to collect to ensure evidence remains valid for investigations.

Security Incident Responder

Name: Security Incident Responder
Author: BbgnsurfTech

byBbgnsurfTech

•

Security & Testing

Guides users through the complete security incident response lifecycle, from initial containment and investigation to remediation and post-mortem analysis.

The Security Incident Responder skill empowers Claude to act as a specialized advisor during critical security events, providing a structured framework for handling breaches, ransomware, and DDoS attacks. By automating the creation of tailored response playbooks and evidence collection strategies, this skill helps teams classify incidents, minimize damage through rapid containment, and restore services securely. It is an essential resource for developers and security teams needing to maintain compliance, preserve forensic evidence, and implement robust remediation plans after a security failure.

Key Features

01Automated incident classification and severity assessment

023 GitHub stars

03Tailored response playbook generation for specific attack types

04Post-incident reporting and lessons learned documentation

05Detailed remediation planning for vulnerability patching

06Forensic evidence collection and preservation guidance

Use Cases

01Investigating suspected data breaches to identify the attack vector and scope

02Managing containment and eradication steps during a live ransomware attack

03Developing and testing organizational security incident response plans (IRP)

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add bbgnsurftech/claude-skills-collection security-incident-responder

For use in Claude.ai and ChatGPT

Download Skill