Cyber Incident Response Playbook Battle Cards

This document contains a collection of Cyber Incident Response Playbook Battle Cards (PBC). These cards serve as guidelines for preparing and implementing countermeasures against cyber threats and attacks. The PBC adopts a prescriptive approach to address various Tactics, Techniques, and Procedures (TTP) used by cyber threat actors. They support the proactive activities carried out by individuals before, during, and after responding to a cybersecurity incident. Inspired by the Incident Response Methodology (IRM) from CERT Societe Generale, these cards are essential resources for incident response teams.

CERT Societe Generale's IRM: https://github.com/certsocietegenerale/IRM/ - GuardSight's Cybersecurity Incident Response Plan: https://github.com/guardsight/gsvsoc_cybersecurity-incident-response-plan - Incident Response Playbooks: https://www.incidentresponse.com/playbooks/ - NIST Cybersecurity Framework: https://www.nist.gov/cyberframework - NIST Special Publication 800-184: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-184.pdf - NIST Special Publication 800-61 Rev. 2: https://csrc.nist.gov/publications/detail/sp/800-61/rev-2/final - MITRE Cyber Exercise Playbook: https://www.mitre.org/sites/default/files/publications/pr_14-3929-cyber-exercise-playbook.pdf