Incident Response: The NIST SP 800-61 Lifecycle
A blue team guide to the four phases of incident response
Apr 13, 20266 min read2
Command Palette
Search for a command to run...
Series
Frameworks & Methodology
Blue team frameworks and methodologies: NIST IR lifecycle, MITRE ATT&CK, Cyber Kill Chain, Diamond Model, CTI lifecycle. The shared vocabulary every analyst needs.
MITRE ATT&CK: The Blue Team Analyst's Framework
The shared vocabulary for describing attacker behavior, detection engineering, and defense gaps
Apr 16, 20265 min read2
Cyber Threat Intelligence Lifecycle: From Raw Data to Actionable Intel
The six-phase CTI cycle, the four types of intelligence, and the protocols that govern sharing
Apr 20, 20266 min read3
Kill Chain, Diamond Model, Pyramid of Pain: Three Frameworks Every Blue Teamer Should Know
Three complementary threat intel frameworks — when to use each and how they work together
Apr 23, 20268 min read8