valitydev/atomic-threat-coverage
14
0
Fork 0
mirror of https://github.com/valitydev/atomic-threat-coverage.git synced 2024-11-06 17:45:23 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
7940c05982
atomic-threat-coverage/response_actions
History
Yugoslavskiy Daniil 7e3a8d3f4f added new Response Actions; Phishing Playbook updated
2019-02-06 01:44:48 +01:00
..
RA_0001_identification_get_original_email.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0002_identification_extract_observables_from_email.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0003_identification_make_sure_email_is_a_phising.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0004_identification_analyse_obtained_indicators_of_compromise.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0005_identification_find_all_phising_attack_victims.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0006_containment_block_domain_on_email.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0007_containment_block_ip_on_border_firewall.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0008_containment_block_domain_on_dns.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0009_containment_block_url_on_proxy.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0010_eradication_delete_malicious_emails.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0011_eradication_revoke_compromised_credentials.yml added new Response Actions; Phishing Playbook updated 2019-02-06 01:44:48 +01:00
RA_0012_eradication_report_phishing_attack_to_external_companies.yml added new Response Actions; Phishing Playbook updated 2019-02-06 01:44:48 +01:00
RA_0013_lessons_learned_develop_incident_report.yml added new Response Actions; Phishing Playbook updated 2019-02-06 01:44:48 +01:00
RA_0014_lessons_learned_conduct_lessons_learned_exercise.yml added new Response Actions; Phishing Playbook updated 2019-02-06 01:44:48 +01:00
RA_0015_identification_analyse_domain_name.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0016_identification_analyse_filehash.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0017_identification_analyse_ip.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0018_identification_analyse_macos_macho.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0019_identification_analyse_ms_office_file.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0020_identification_analyse_pdf.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0021_identification_analyse_unix_elf.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0022_identification_analyse_uri.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0023_identification_analyse_windows_pe.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0024_identification_find_files_exetuced.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0025_identification_find_services_exetuced.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0026_identification_find_emails_opened.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0027_identification_find_registry_keys_modified.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0028_containment_block_threat_on_network_level.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0029_recovery_reinstall_host_from_golden_image.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0030_identification_find_all_hosts_communicated_with_domain.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0031_identification_find_all_hosts_communicated_with_ip.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0032_identification_find_all_hosts_communicated_with_url.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0033_identification_find_files_created.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0034_identification_find_all_victims_in_security_alerts.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0035_containment_block_domain_on_ips.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0036_containment_block_domain_on_ngfw.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0037_containment_block_ip_on_ips.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0038_containment_block_ip_on_ngfw.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0039_containment_block_url_on_ngfw.yml added IR stuff 2019-02-05 03:59:49 +01:00
RA_0040_identification_put_on_monitoring_compromised_accounts.yml added new Response Actions; Phishing Playbook updated 2019-02-06 01:44:48 +01:00
RA_0041_eradication_report_incident_to_external_companies.yml added new Response Actions; Phishing Playbook updated 2019-02-06 01:44:48 +01:00
respose_action.yml.template added new Response Actions; Phishing Playbook updated 2019-02-06 01:44:48 +01:00