Home Security & Privacy Incident Response

Incident Response Cheat Sheet

Playbooks, postmortems, and communication

Last Updated: November 21, 2025

Lifecycle

Phase Focus
Detect Monitor alerts and anomalies
Declare Escalate with severity + status page
Contain Isolate systems and cut blast radius
Recover Restore services + monitor stability
Postmortem Document timeline, impact, and action items

Runbook Snippets

pagerduty trigger
Alert the on-call roster
timeline update
Share status on incident doc
reroute traffic
Shift load to healthy regions
run postmortem
Capture learnings & owners

Communication

Balance timely updates with accuracy and publish a concise postmortem summary.

Related Cheat Sheets

Vault Secrets Engines

Enable engines, generate dynamic credentials, and renew leases

Node.js Security

Audit dependencies, configure CSP, and lock env variables

Passwordless Authentication

Deploy magic links, WebAuthn passkeys, and OTP flows

AWS IAM Policies

Design IAM policies and test with the simulator

💡 Pro Tip: Document actions in a shared channel and formalize follow-ups before closing incidents.

Related Cheat Sheets

Browse all Security & Privacy →

← Back to Security & Privacy | Browse all categories | View all cheat sheets