π€ AI Prompts Cheatsheet
Alex Morgan — AI Security Researcher
Why AI Changes the Game for Incident Response
In today’s fast-paced cybersecurity landscape, the reliance on AI tools for incident response has become critical. These AI-driven solutions can assist security professionals in quickly analyzing threats, automating repetitive tasks, and enhancing overall situational awareness.
Before You Start: How to Set Context Properly
To maximize the efficacy of AI tools like ChatGPT or Claude, it is essential to provide clear context. This can involve outlining the specific issue at hand, relevant data, and the type of output you need. Proper context setting improves the quality and relevance of the responses generated by AI.
Core Prompts Cheatsheet
This prompt encourages AI to analyze the incident and proposes actionable containment strategies.
Aimed at collecting specific IOCs, this prompt directs AI to provide tailored insights.
This prompt helps create a comprehensive response plan, aiding teams in preparation.
Useful for developing a culture of continuous improvement, this prompt seeks AI’s expertise on review processes.
This prompt aims to gather specific insights into social engineering tactics and their real-world effects.
This targeted prompt allows for an assessment of areas needing attention.
This promotes understanding of foundational concepts vital to incident response frameworks.
This creates a list of resources beneficial to enhancing operational efficiency.
Helps address compliance and legal implications in operations.
Weak vs Strong Prompt Examples
Advanced Prompt Techniques
Utilize techniques such as **role prompting** by asking AI to assume certain roles (e.g., an incident responder or an IT forensics expert). Use **chain-of-thought prompting** to guide AI step-by-step in complex scenarios. Implement **few-shot examples** to show desired output formats, and consider **output formatting** to meet your needs better, such as specifying whether the output should be in bullet points or paragraphs.
Claude vs ChatGPT: Which Works Better For This
Both tools have strengths. ChatGPT excels in conversational continuity and personalization, making it suitable for detailed response drafts. In contrast, Claude can provide concise, focused answers quickly, ideal for checklists and quick reference material. Choose based on whether you prefer depth over breadth or vice versa.
Tips for Getting Consistent Results
Context setting is crucial. Always include as much relevant detail as possible in your prompts. Be specific about the output format you want, and use **iterative refinement** by adjusting prompts based on previous responses to fine-tune the output. This feedback loop can enhance result quality significantly.
Quick Reference: All Prompts in One Place
– Provide a summary of the following incident and suggest immediate containment measures: [DESCRIPTION OF THE INCIDENT]
– List the possible indicators of compromise (IOCs) associated with a phishing attack on a financial institution.
– Draft an incident response plan template for a ransomware attack.
– What are the best practices for conducting a post-incident review?
– Generate a report on the impact of social engineering in recent cyber incidents.
– Identify potential vulnerabilities in a network configured for remote access.
– Explain the significance of the MITRE ATT&CK framework in incident response.
– Suggest tools and technologies for automating incident response tasks.
– What are the legal considerations to keep in mind during an incident response?