Skip to main content
Manusで任意のスキルを実行
ワンクリックで
GitHub リポジトリ

Security-Detections-MCP

Security-Detections-MCP には MHaggis から収集した 15 個の skills があり、リポジトリ単位の職業カバレッジとサイト内 skill 詳細ページを表示します。

収集済み skills
15
Stars
459
更新
2026-04-10
Forks
70
職業カバレッジ
2 件の職業カテゴリ · 100% 分類済み
リポジトリエクスプローラー

このリポジトリの skills

att-ck-navigator-layer-generator
情報セキュリティアナリスト

Generate MITRE ATT&CK Navigator layers for coverage visualization, threat actor mapping, and gap analysis. Produces JSON files compatible with the Navigator web app.

2026-04-10
analytic-story-builder
情報セキュリティアナリスト

Create grouped detection narratives that tie individual rules into coherent threat stories. Covers Splunk Analytic Stories, Elastic detection rule groups, and Sentinel analytics grouping.

2026-03-05
atomic-red-team-testing
情報セキュリティアナリスト

Execute and validate adversary emulation tests using Atomic Red Team. Covers standard atomics, custom atomics (T9999.XXX), deployment workflows, and detection validation.

2026-03-05
test-environment-builder
情報セキュリティアナリスト

Build and manage adversary emulation lab environments for any SIEM. Covers Splunk Attack Range, Elastic Security labs, Azure Sentinel labs, and Docker-based setups. Maps data source requirements to infrastructure components.

2026-03-05
cti-detection-engineer
情報セキュリティアナリスト

Expert CTI analyst specializing in detection engineering, MITRE ATT&CK mapping, behavioral analysis, and intelligence-driven detection creation. SIEM-agnostic methodology that works with Splunk SPL, KQL, Sigma, and Elastic. Use when analyzing threat reports, creating detections, mapping MITRE techniques, or developing behavioral analytics.

2026-03-05
custom-atomics-deployment
情報セキュリティアナリスト

Create, deploy, and execute custom Atomic Red Team tests (T9999.XXX series) for detection validation. Covers YAML authoring, Ansible deployment, and manual alternatives.

2026-03-05
data-source-mapper
情報セキュリティアナリスト

Map MITRE ATT&CK techniques to required data sources across Windows, Linux, cloud, network, and EDR telemetry. Includes CIM, ECS, Sigma, and KQL (Sentinel) field mapping comparisons.

2026-03-05
detection-reviewer
情報セキュリティアナリスト

Expert detection quality assurance reviewer. Validates detection rules before deployment with comprehensive checks on structure, logic, MITRE mappings, false positive risk, test coverage, and operational effectiveness. Works with SPL, KQL, Sigma, and Elastic formats. Use when reviewing detections or performing QA checks.

2026-03-05
detection-test-engineer
ソフトウェア開発者

Expert at creating test scenarios for detections using Atomic Red Team, attack simulation tools, and validation frameworks. Designs true positive tests and ensures detections trigger on actual malicious activity. Works across SIEM platforms. Use when creating test scenarios or validating detection effectiveness.

2026-03-05
detection-yaml-engineer
ソフトウェア開発者

Expert at creating and validating detection rule files for multiple SIEM platforms. Supports Splunk security_content YAML, Sigma rules, Elastic detection TOML, and KQL analytics. Ensures compliance with repository conventions and optimal query performance. Use when creating or modifying detection rules.

2026-03-05
pr-extension-workflow
ソフトウェア開発者

Analyze pull requests for detection coverage gaps and recommend additional detections, story alignments, and test coverage to extend PRs before merge.

2026-03-05
detection-query-optimizer
ソフトウェア開発者

Optimize detection queries for performance across Splunk (SPL), Microsoft Sentinel (KQL), and Elastic Security (EQL/ES|QL). Covers search pipeline internals, common anti-patterns, and optimization techniques for detection rules on each platform.

2026-03-05
supply-chain-attack-analyst
情報セキュリティアナリスト

Analyze software supply chain attacks across package registries (npm, PyPI, RubyGems), CI/CD pipelines (GitHub Actions, GitLab CI), and container ecosystems. Includes detection engineering patterns for Splunk, Sentinel, Elastic, and Sigma.

2026-03-05
threat-report-parser
情報セキュリティアナリスト

Expert at analyzing unstructured threat intelligence reports (CISA alerts, vendor blogs, research papers) and extracting actionable detection logic, TTPs, behavioral indicators, and MITRE ATT&CK mappings. Focuses on behaviors over IOCs. Use when provided with threat reports, security advisories, or campaign documentation.

2026-03-05
detection-coverage-analysis
情報セキュリティアナリスト

Analyzes detection coverage using Sigma, Splunk, and Elastic rules. Use when checking coverage for techniques, tactics, threat actors, or generating Navigator layers from detections.

2026-01-15