Incident Report Template

Use this template to document a skill-related security incident consistently.

Metadata

• Incident ID:
• Date/Time Detected (UTC):
• Severity:
• Reporter:
• Affected Platforms:
• Current Status:

Summary

Brief description of what happened and why it matters.

Scope and Impact

• Affected users/systems:
• Data impact:
• Business impact:

Timeline

• T0 Detection:
• T1 Containment:
• T2 Remediation:
• T3 Recovery:

Indicators of Compromise

• Domain/IP:
• File hash:
• Behavioral indicator:

Actions Taken

• Containment steps:
• Remediation steps:
• Communication steps:

Root Cause

What enabled this incident and what failed.

Preventive Actions