shadowport1609/Incident-Response-Reports

GitHub: shadowport1609/Incident-Response-Reports

Stars: 0 | Forks: 0

# Incident Response Reports 🛡️

Real-world security incident investigations conducted as part of home SOC lab operations.

## Reports

| ID | Title | Severity | Status |
|----|-------|----------|--------|
| IR-2026-001 | Brute Force SSH Attack via Tor Exit Node | CRITICAL | RESOLVED |

## Methodology

Each report follows a professional SOC analyst workflow:

1. Detection via PhilSIEM automated alerting
2. Investigation using the Kibana dashboard
3. Threat intelligence via AbuseIPDB and Shodan
4. MITRE ATT&CK framework mapping
5. Documented response and recommendations

## Tools Used

- PhilSIEM — custom Python SIEM
- Kibana — event visualisation
- AbuseIPDB — threat intelligence
- Shodan — network intelligence
- MITRE ATT&CK — framework mapping

*Philip O'Malley | Breaking Into Cyber 🛡️*
*philsiem.com | github.com/Shadowport1609*
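As an added illustration of steps 1 and 4 of the methodology above (example code written for this page, not PhilSIEM's own code): a small Python detector that counts failed SSH logins per source IP over constructed sshd log lines, flags the source if it appears in a placeholder Tor-exit set, and attaches ATT&CK technique IDs to the alert. The threshold, window, year, log lines and addresses are all assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sshd log lines in syslog format (no year, so one is assumed below).
SAMPLE_AUTH_LOG = """\
Jan 14 02:11:03 host sshd[412]: Failed password for invalid user admin from 203.0.113.7 port 51234 ssh2
Jan 14 02:11:05 host sshd[412]: Failed password for invalid user admin from 203.0.113.7 port 51240 ssh2
Jan 14 02:11:06 host sshd[413]: Failed password for root from 203.0.113.7 port 51251 ssh2
Jan 14 02:11:08 host sshd[414]: Failed password for root from 203.0.113.7 port 51260 ssh2
Jan 14 02:11:09 host sshd[415]: Failed password for root from 203.0.113.7 port 51266 ssh2
Jan 14 02:30:00 host sshd[420]: Failed password for alice from 198.51.100.9 port 40000 ssh2
Jan 14 02:31:00 host sshd[421]: Accepted publickey for alice from 198.51.100.9 port 40001 ssh2
"""
# Placeholder enrichment set; in the lab this comes from AbuseIPDB / a Tor exit list.
KNOWN_TOR_EXITS = {"203.0.113.7"}  # constructed documentation address, not a real exit

FAILED_RE = re.compile(
    r"^(\w{3} +\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: Failed password for "
    r"(?:invalid user )?(\S+) from (\S+) port \d+"
)

def detect_ssh_brute_force(log_text, threshold=5, window=timedelta(minutes=5), year=2026):
    """Return one alert per source IP with >= threshold failed logins inside `window`."""
    failures = defaultdict(list)  # source ip -> [(timestamp, username), ...]
    for line in log_text.splitlines():
        m = FAILED_RE.match(line)
        if not m:
            continue  # accepted logins and unrelated messages are not counted
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        failures[m.group(3)].append((ts, m.group(2)))
    alerts = []
    for ip, hits in failures.items():
        hits.sort()
        for i in range(len(hits)):  # sliding window anchored at each failure
            j = i
            while j < len(hits) and hits[j][0] - hits[i][0] <= window:
                j += 1
            if j - i >= threshold:
                tor = ip in KNOWN_TOR_EXITS
                techniques = ["T1110.001 Brute Force: Password Guessing"]
                if tor:
                    techniques.append("T1090.003 Proxy: Multi-hop Proxy")
                alerts.append({"source_ip": ip, "failures": j - i,
                               "usernames": sorted({u for _, u in hits[i:j]}),
                               "tor_exit": tor, "mitre": techniques,
                               "severity": "CRITICAL" if tor else "HIGH"})
                break  # one alert per source is enough for triage
    return alerts
```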