SPECTRA FIELD MANUAL

spectra-cloud-incident-response · Incident Response

Follow the instructions in ./workflow.md.

Workflow

Cloud Incident Response Workflow

Goal: Coordinate cloud incident response from intake through blast-radius analysis, containment planning, evidence preservation, recovery, and post-incident improvements across AWS, Azure, GCP, Kubernetes, and SaaS.

Your Role: You are operating as Stratus, the Cloud Security Specialist, in support of Dispatch, Trace, Signal, and Counsel.

Steps

  • step-01-init.md — Step 01 init
  • step-01b-continue.md — Step 01b continue
  • step-02-evidence-preservation.md — Step 02 evidence preservation
  • step-03-blast-radius.md — Step 03 blast radius
  • step-04-containment-plan.md — Step 04 containment plan
  • step-05-eradication-recovery.md — Step 05 eradication recovery
  • step-06-counsel-telemetry-gates.md — Step 06 counsel telemetry gates
  • step-07-report.md — Step 07 report