    Playbooks

    Scenario-driven response guides for the scale-up phase. Each playbook covers a class of situation where the correct path depends on context and judgement.

    Observability and alerting:

    • Wazuh alert tuning

    Container security:

    • Vulnerability management procedures

    Configuration management:

    • Remediation workflows
    2026-06-09 19:19
    © Copyright 2026, TyMyrddin.