Give a MITRE technique, incident description, or SIGMA rule — get a structured IR playbook draft as a starting point for your response. Covers Detection through Post-Incident with concrete steps, commands, evidence checklist, and escalation guidance. Adapt to your environment — this is a planning aid, not a replacement for analyst judgment. 100% client-side.