Incident response techniques

What is claimed is: 1. A tangible, non-transitory, machine-readable medium, comprising machine-readable instructions that, when executed by one or more processors, cause the one or more processors to: receive a first indication of a first security incident record stored in a first security incident record data store, the first security incident record identifying a first security incident; generate and transmit, to a computing device, a security incident response graphical user interface (GUI) associated with an instance of a cloud service platform, comprising a first dashboard configured to interchangeably display a plurality of containers in response to respective user selections of respective headers associated with the plurality of containers in the first dashboard, the first dashboard comprising a playbook associated with the first security incident record, wherein the playbook comprises a series of tasks to be implemented for resolution of the first security incident, the playbook is simultaneously presented with at least one container of the plurality of containers in the first dashboard, and wherein the plurality of containers comprise: a first overview container comprising one or more widgets related to the first security incident record; a first explore container comprising a set of security incident data categories, each security incident data category of the set of security incident data categories having one or more lists of records associated with the first security incident record; and a first activity stream container comprising a history of user actions, machine actions, or both, associated with the first security incident record; receive a user selection of a header of the first explore container; render, in the first dashboard via the security incident response GUI, the first explore container and the one or more lists of records with a set of selectable actions associated with the one or more lists of records; receive a user selection of one of the set of selectable actions; and implement an action associated with one of the set of selectable actions, based upon the user selection, without leaving the first dashboard. 2. The machine-readable medium of claim 1 , comprising machine-readable instructions that, when executed by the one or more processors, cause the one or more processors to receive the first indication of the first security incident record based upon a user selection, from within a graphical security incident queue, the user selection providing a request to generate the security incident response GUI. 3. The machine-readable medium of claim 2 , comprising machine-readable instructions that, when executed by the one or more processors, cause the one or more processors to: prioritize a set of security incident records; and generate the graphical security incident queue, wherein the graphical security incident queue comprises the prioritized set of security incident records. 4. The machine-readable medium of claim 1 , comprising machine-readable instructions that, when executed by the one or more processors, cause the one or more processors to: provide, via the security incident response GUI, one or more selectable preference icons that, when selected, provide an indication of the one or more widgets. 5. The machine-readable medium of claim 1 , comprising machine-readable instructions that, when executed by the one or more processors, cause the one or more processors to: identify a category and a subcategory of the first security incident record; and select a default set of widgets as the one or more widgets, based upon the category and the subcategory. 6. The machine-readable medium of claim 5 , comprising machine-readable instructions that, when executed by the one or more processors, cause the one or more processors to: identify the category as a phishing security incident and the subcategory as an e-mail related activity; and assign an e-mail viewer widget, e-mail attachment widget, or both as at least a portion of the default set of widgets. 7. The machine-readable medium of claim 1 , comprising machine-readable instructions that, when executed by the one or more processors, cause the one or more processors to: receive a size or placement request, via the security incident response GUI, requesting a change to a size, a placement, or both, to at least one of the one or more widgets; and render the one or more widgets, in accordance with the size or placement request. 8. The machine-readable medium of claim 1 , comprising machine-readable instructions that, when executed by the one or more processors, cause the one or more processors to: receive a minimize or expand request, via the security incident response GUI; and render the one or more widgets, in accordance with the minimize or expand request. 9. The machine-readable medium of claim 1 , wherein the set of security incident data categories comprise: a users category, comprising at least one list of user records associated with the first security incident record; an observables category, comprising at least one list of observable records associated with the first security incident record; a configuration items category, comprising at least one list of configuration item records associated with the first security incident record; and an incidents category, comprising one or more security incident records associated with the first security incident record. 10. The machine-readable medium of claim 9 , wherein the at least one list of user records comprise an affected users list and a related users list. 11. The machine-readable medium of claim 1 , comprising machine-readable instructions that, when executed by the one or more processors, cause the one or more processors to: receive a second indication of a second security incident record stored in a second incident record data store, the second security incident record identifying a second security incident; wherein the security incident response GUI, comprises a second dashboard, comprising: a second overview container comprising one or more widgets related to the second security incident record; a second explore container comprising a set of security incident data categories, each having one or more lists of records associated with the second security incident record; and a second activity stream container comprising a list of all actions associated with the second security incident record. 12. The machine-readable medium of claim 11 , comprising machine-readable instructions that, when executed by the one or more processors, cause the one or more processors to: render a first selectable incident header with the first dashboard; render a second selectable incident header with the second dashboard; and receive a user display indication of the first security incident record based upon a user display selection of the first selectable incident header, the user display selection providing a request to generate and present the security incident response GUI comprising the first dashboard and to hide the second dashboard. 13. The machine-readable medium of claim 1 , comprising machine-readable instructions that, when executed by the one or more processors, cause the one or more processors to: render a selectable completion indicator with each of the series of tasks; receive a selection of the selectable completion indicator for a particular one of the series of tasks; and associate a completed state with the particular one of the series of tasks, based upon the selection of the selectable completion indicator. 14. The machine-readable medium of claim 1 , co