Details playbook Connect Machine Verify Determine whether alert was TP or FP Choose Incident Type What is the initial access method used in the attack? Determines Scope of Threat/Risk to the Organization What is the persistence method used…