hunt-data-source-identification
OTRF · Development
Identify relevant security data sources that could capture the behavior defined in a structured hunt hypothesis. Use this skill after the hunt focus has been defined to translate investigative intent into candidate telemetry sources using existing platform catalogs. This skill supports hunt planning by reasoning over available schemas and metadata before analytics development or query execution.
npx skills add https://github.com/OTRF/ThreatHunter-Playbook --skill hunt-data-source-identification
Stars 4585 · Installs 0