Security Incident Reporting Source: https://github.com/dirnbauer/webconsulting-skills Comprehensive framework for documenting and analyzing security incidents, drawing from NIST SP 800-61 and SANS methodologies. When to Use - After a security incident (DDoS, breach, vulnerability exploitation) - Creating post-mortem documentation - Communicating with stakeholders (C-level, legal, security teams) - Correlating attack patterns with known CVEs - Establishing incident response metrics (MTTR, dwell time) Related Skills - security-audit - Pre-incident vulnerability assessment - typo3-security - TYP…