enrich-ioc

Community

Enrich IOCs with threat intel automatically.

Author: dandye
Version: 1.0.0
Installs: 0

System Documentation

What problem does it solve?

Enrich IOC indicators with GTI and Chronicle SIEM context to produce threat intelligence findings and contextual summaries.

Core Features & Use Cases

  • GTI enrichment for IPs, domains, file hashes, and URLs to surface reputation and context
  • SIEM entity lookup to attach first/last seen timestamps, related alerts, and assets
  • IOC match assessment to determine whether the indicator appears in threat feeds and to generate a THREAT_SCORE and MALICIOUS_CONFIDENCE
  • Use case: During an investigation, enrich a suspected IOC to quickly determine its threat posture and related indicators

Quick Start

Enrich an IOC value using GTI and Chronicle SIEM to return threat intel findings, SIEM entity summary, and IOC match status.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: let Claude install automatically. Copy and paste the text below into Claude Code.

Please help me install this Skill:
Name: enrich-ioc
Download link: https://github.com/dandye/ai-runbooks/archive/main.zip#enrich-ioc

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
