← Back to Platform
βŒ‚ cgdsn.cloud / Incident Response Platform / Dashboard
Incident Response Dashboard
Real-time security operations overview
β€”
Active Incidents
β€”
Critical Severity
β€”
Total Incidents
β€”
Closed

Recent Incidents

Incident Management
All security incidents β€” create, track, investigate
IDTitleSeverityStatusCategoryAssigned ToDetectedActions
Incident Timeline
Chronological event tracking
Select an incident to view timeline
Evidence Management
Digital evidence chain of custody
IDIncidentFilenameTypeSHA-256Collected ByDate
IOC Search & Correlation
Indicators of Compromise across all incidents
TypeValueConfidenceStatusIncidentDescriptionActions
Asset Inventory
All monitored systems and devices
HostnameIP AddressTypeOSOwnerCriticalityStatusActions
MITRE ATT&CK Framework
Tactic and technique coverage from your incidents
Click a technique to view related incidents. Highlighted cells indicate coverage from current incidents.
Response Playbooks
Standardized response procedures
Containment Actions
Active containment tracking
β€”
Isolated Hosts
β€”
Quarantined
β€”
Online

Assets Requiring Attention

Open & Investigating Incidents

KPI Metrics
Mean time to Detect, Acknowledge, Contain, Resolve
β€”
hours
MTTD β€” Detect
β€”
hours
MTTA β€” Acknowledge
β€”
hours
MTTC β€” Contain
β€”
hours
MTTR β€” Resolve
Incidents by Severity
Incidents by Category
Incidents by Status
Total Incidents
β€”
All Time
Incident Reports
Export and share incident documentation

Executive Summary

Incident Detail Report

Audit Log
Immutable record of all platform actions
Timestamp
User
Action
Details
Knowledge Base
IR procedures, references, and lessons learned

Incident Response Lifecycle

1. Preparation
2. Detection
3. Analysis
4. Containment
5. Eradication
6. Recovery

Severity Definitions

LevelDescriptionResponse TimeExamples
CriticalActive breach, data exfiltration, ransomwareImmediate (15 min)Ransomware, APT, insider exfil
HighSignificant risk, potential breach indicator1 hourPhishing success, C2 detected
MediumSuspicious activity, policy violation4 hoursBrute force, scan activity
LowInformational, low risk event24 hoursFailed logins, recon

MITRE ATT&CK Quick Reference

TacticDescriptionCommon Techniques
Initial AccessEntry vectors into the networkT1566 Phishing, T1190 Exploit Public App
ExecutionRunning adversary-controlled codeT1059 Command Interpreter, T1204 User Execution
PersistenceMaintaining footholdT1053 Scheduled Task, T1078 Valid Accounts
Credential AccessStealing credentialsT1110 Brute Force, T1003 OS Credential Dump
Lateral MovementMoving through networkT1021 Remote Services, T1550 Use Alt Auth
ImpactManipulating, disrupting systemsT1486 Data Encrypted, T1489 Service Stop