Skip to main content
Ejecuta cualquier Skill en Manus
con un clic

soc-impossible-travel

Estrellas1
Forks0
Actualizado25 de mayo de 2026 a las 12:57

SOC investigation playbook for Microsoft Sentinel Impossible-Travel detections. Drives a single agent through context enrichment, evaluation of 10 risk factors (location, authentication, token, brute force, MFA abuse, post-login activity, OAuth abuse, mailbox manipulation, high-privilege user, disabled-account sign-in), risk scoring, and a PACO final verdict with action plan. Use this skill whenever the user mentions impossible travel, account compromise, suspicious sign-in, Sentinel detection, SOC investigation, Entra ID risky sign-in, a NormalizedDetection payload, an account takeover scenario, or asks "is this user compromised?" — even if they don't explicitly say "skill".

Instalación

Instalar con Codex o Claude Copia este prompt, pégalo en Codex, Claude u otro asistente, y deja que revise la página de la skill y la instale por ti.

Explorador de archivos
17 archivos
SKILL.md
readonly