Skill UI

A comprehensive, structured playbook for Security Operations Centers (SOCs) detailing the entire lifecycle of ransomware incidents. It guides analysts through detection (SIEM queries), triage decision trees, containment (EDR/Firewall), evidence collection, and recovery phases, adhering to NIST CSF and MITRE ATT&CK frameworks.

This system manages vulnerabilities that cannot be remediated within Service Level Agreement (SLA) timelines. It provides structured workflows for requesting exceptions, documenting compensating controls, obtaining formal risk acceptance approvals, and automatically managing expiration. It helps organizations maintain visibility into accepted risks to comply with major frameworks like PCI DSS, SOC 2, and NIST CSF.

This skill guides users through conducting a comprehensive maturity assessment using the NIST Cybersecurity Framework (CSF) 2.0. It covers calculating an organization's cybersecurity posture against the six core functions (Govern, Identify, Protect, Detect, Respond, Recover) and the four Implementation Tiers (Partial to Adaptive). The process culminates in detailed gap analysis and the creation of a strategic improvement roadmap.

A comprehensive guide to building a structured incident response playbook for ransomware attacks. It aligns with the CISA StopRansomware Guide and NIST CSF, covering all phases from preparation and detection to containment, eradication, and recovery. Ideal for security teams conducting readiness assessments or updating compliance documentation.