Downloads

A comprehensive incident response checklist covering all 8 lifecycle stages with task tracking and team assignment fields.

Printable quick-reference sheets for common forensic artifacts, KQL queries, PowerShell commands, and evidence collection procedures.

Step-by-step playbook for investigating BEC, OAuth abuse, and data exfiltration in Microsoft 365 environments with UAL query templates.

50+ production-ready KQL queries for Microsoft Sentinel and Defender covering lateral movement, persistence, and exfiltration detection.

Complete guide for incident commanders covering team coordination, communication templates, escalation procedures, and post-incident review frameworks.

Ready-to-run tabletop exercise scenarios for ransomware, BEC, insider threat, and cloud compromise with facilitator guides and scoring rubrics.