# StrikeBack (shadow-ir) — User Guide

**Port:** 8034 | **Category:** secops | **Caps:** 58

Incident Response & CSIRT Platform — full IR lifecycle, CSIRT operations, war room coordination, containment, eradication, recovery, lessons learned, vulnerability coordination, STIX/TAXII sharing, ma

## Keyboard Shortcuts
/ search | t triage | m monitor | i investigate | a assistant | ? help | Cmd+K palette

## Capabilities (58)
- ir_preparation
- detection_and_analysis
- ir_containment
- ir_eradication
- ir_recovery
- post_incident_review
- lessons_learned
- communication_coordination
- stakeholder_notification
- escalation_matrix
- crisis_communication_plan
- media_response_coordination
- ... and 46 more

## Actions (24)
- declare_incident
- activate_war_room
- contain_threat
- eradicate_threat
- initiate_recovery
- close_incident
- generate_post_mortem
- notify_stakeholders

## AI Features
- PounceSOC™ (auto-triage)
- PounceForge™ (agentic investigation)
- WraithMind™ (AI assistant)
- ShadowNeural™ (ML detection)

## Managed Services
- managed incident response
- retainer-based IR
- breach coach
- crisis management
- incident command support
- breach reporting advisory
- recovery assurance service
- CSIRT-as-a-Service
- vulnerability coordination service
- STIX/TAXII feed management
- purple team coordination
← Back to Help Center View Product Page →