Incident Response Network

Network forensics evidence collection and analysis during security incidents. Guides volatile evidence preservation, lateral movement detection via flow records and ARP/MAC/CAM table analysis, and read-only containment verification across Cisco IOS-XE/NX-OS, Juniper JunOS, and Arista EOS. Scoped to network artifacts only — packet captures, flow data (NetFlow/sFlow/IPFIX), forwarding tables, routing state, and device logs. Not general incident response, endpoint forensics, or malware analysis.

Install

openclaw skills install @vahagn-madatyan/incident-response-network