Shift Handover Template

CONFIDENTIAL Do not share this protocol with other people. Content might include sensitive information.

CAUTION Donโ€™t click any of the listed links in this protocol, except the ones explicitly marked as safe.

๐Ÿ“… Administrative

  • Who was working and who is next?
  • What does the schedule look like for the next couple of weeks?
OnCallHelpers
Previous
New

๐Ÿš€ Updates of our own projects, tools, systems

๐Ÿ›ก๏ธ Detection

  • What detections have been written/updated/refactored?
  • What False Positive Allowlisting has been done?

๐Ÿฑโ€๐Ÿ’ป Automation

  • What automation has been built/updated/refactored? Any Cortex Responders or Analysers?

๐Ÿ“ก Notable events, results from daily checks, new vulnerabilities, patches, exploits, attacksโ€ฆ

DayDescription
FridayFor each case: title, reference and a short summary
Weekend
Monday
Tuesday
Wednesday
Thursday
Friday

๐Ÿ› ๏ธ Maintenance and the like that may affect us / our systems

  • Any maintenance announcements for the system we rely on?

๐Ÿงช Pentest Announcements

Indicator(s)Timeframe(s)Targets(s)Environment(s)Contact(s)
TitleDescriptionRecommended byLink

๐Ÿ“ˆ Metrics

  • Number of cases in the past 8 days
  • Cases in from previous shifts, but still open
  • Average case handling time per severity level (Low, Medium, High, Critical)
  • Number of cases which are a true positive with impact
  • Overview of the most frequent detections

Relevant Note(s): Incident Response