Analytic Story Builder
Community
Group detections into threat narratives.
Software Engineering #threat intelligence #siem #mitre att&ck #detection engineering #security monitoring #analytic stories
Author: MHaggis
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This Skill streamlines the process of organizing individual security detection rules into cohesive "analytic stories" that represent specific threat scenarios, campaigns, or attack chains, improving overall security posture clarity and management.
Core Features & Use Cases
- Narrative Grouping: Consolidates related detections into a single, understandable threat story.
- SIEM Adaptation: Provides canonical formats (Splunk ESCU) adaptable to Elastic, Sentinel, Sigma, and Chronicle SOAR.
- Use Case: When a new ransomware campaign emerges, use this Skill to group all newly created detections related to that campaign into a single "Analytic Story" for easier tracking and reporting.
Quick Start
Use the Analytic Story Builder skill to create a new story for the 'STORM-0501 Ransomware' campaign.
Dependency Matrix
Required Modules
None required
Components
Standard package
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: Analytic Story Builder
Download link: https://github.com/MHaggis/Security-Detections-MCP/archive/main.zip#analytic-story-builder
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.