Create a Security Incident Response Playbook

Free tools: ChatGPT, Claude, Gemini
Time: 2 minutes
Difficulty: Beginner

What You'll Get

A step-by-step incident response playbook for a specific security scenario — covering detection, containment, investigation, remediation, recovery, and post-incident review with decision points.

The Prompt

Copy and paste this:
Write an incident response playbook for [scenario: ransomware infection / phishing attack / unauthorized account access / data breach]. Environment: [brief description]. Include: detection indicators, immediate containment steps, investigation steps, remediation, recovery, and post-incident review. Format as numbered steps with decision points.

Tips

Tailor the playbook to your actual environment — if you have specific tools (CrowdStrike, Splunk, Defender), mention them. The containment steps are the most critical; the faster isolation happens, the less damage spreads.