Security Incident Report

Detects security incident reports containing forensic findings, root causes, and response gaps.

Type: keyword_list
Confidence: medium
Confidence justification: Medium confidence: keyword-based detection requires corroborative evidence for accurate identification.
Jurisdictions: au
Regulations: NDB Scheme (Cth), SOCI Act 2018 (Cth), TIA Act 1979 (Cth)
Frameworks: CIS Controls, DISP, ISO 27001, NIST CSF, PCI-DSS, SOC 2
Data categories: security
Scope: narrow
Risk rating: 9

Should match

Security incident report: forensic analysis and root cause analysis findings — Test match 1
Indicators of compromise (IOC) identified: malware analysis and threat actor attribution — Test match 2
Breach investigation: attack vector, compromise assessment, and incident forensics — Test match 3

Should not match

Security guard incident report — Non-match 1
Minor traffic incident — Non-match 2

Known false positives

Physical security or traffic incidents. Mitigation: Require cyber-specific terms like IOC, forensic analysis, or malware analysis.