post-incident-analysis
OfficialTurn PIRs into actionable lessons.
Data & Analytics#secops#audit-trail#timeline-reconstruction#lessons-learned#incident-reporting#post-incident-analysis
AuthorHappy-Technologies-LLC
Version1.0.0
Installs0
System Documentation
What problem does it solve?
Provides a structured, repeatable process to perform post-incident analysis (PIR) for closed security incidents, reconstructing timelines, identifying detection and response gaps, and documenting lessons learned.
Core Features & Use Cases
- Timeline reconstruction from incident records, work notes, and audit logs to reveal the sequence of events.
- Metrics calculation (time to detect, triage, contain, eradicate, recover) and generation of actionable improvement recommendations.
- PIR reporting for management, compliance, and knowledge capture, including executive summaries and root-cause documentation.
Quick Start
Load a closed security incident into the PIR workflow and generate a complete PIR report.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: post-incident-analysis Download link: https://github.com/Happy-Technologies-LLC/happy-servicenow-skills/archive/main.zip#post-incident-analysis Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.