Add TTPs/SANS/GCIH/504Book1.py
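--- /dev/null
+++ b/TTPs/SANS/GCIH/504Book1.py
@@ -0,0 +1,16 @@
+def picerl_overview():
+"""
+Provides an overview of the PICERL incident response framework.
+"""
+title = "PICERL Incident Response Framework Overview"
+content = """
+### PICERL Framework:
+- **Preparation**: Develop and implement incident response policies, procedures, and tools to handle incidents effectively.
+- **Identification**: Detect and verify potential security incidents using monitoring tools and processes.
+- **Containment**: Limit the scope and impact of the incident by isolating affected systems.
+- **Eradication**: Remove the root cause of the incident, including malware, compromised accounts, or vulnerabilities.
+- **Recovery**: Restore affected systems to normal operation and validate that the threat has been neutralized.
+- **Lessons Learned**: Review the incident response process, document findings, and improve future readiness.
+"""
+resource = "https://www.sans.org/media/score/504-incident-response-cycle.pdf"
+print_info(title, content, resource)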
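Review bot: `print_info` is called on the last line of the new file but is neither defined nor imported anywhere in its 16 lines, so calling `picerl_overview()` would raise `NameError` at runtime; the file needs an import such as `from <helper module> import print_info` at the top (the module that provides it is not visible on this page, so the name is a placeholder). The docstring could also state what the function actually does, e.g. `"""Print a short overview of the PICERL incident response phases plus a SANS reference link via print_info."""`, since it produces output rather than returning the overview. Rendering on this page has dropped the body indentation, so the block's real layout cannot be checked here.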
|