detection-engineering
Community
Build high-fidelity threat detections.
Category: Software Engineering
Tags: #cybersecurity #incident response #threat detection #mitre att&ck #detection engineering #sigma rules
Author: jaskaranhundal
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This Skill addresses the critical need for effective and precise threat detection rules, ensuring that security teams can identify and respond to threats quickly while minimizing false positives.
Core Features & Use Cases
- Detection Rule Authoring: Creates detection logic in formats like Sigma, KQL, SPL, and YARA.
- Fidelity Assurance: Focuses on high precision and recall, aiming for a false-positive rate below 5% in the first week of deployment.
- Use Case: When threat hunting uncovers a new TTP, this Skill can be used to rapidly design, validate, and deploy a detection rule that covers the gap across SIEM and EDR platforms.
Quick Start
Use the detection-engineering skill to design a Sigma rule for detecting PowerShell encoded commands.
Dependency Matrix
Required Modules
None required
Components
scripts, references, assets
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: detection-engineering
Download link: https://github.com/jaskaranhundal/usap-skills/archive/main.zip#detection-engineering
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.