microsoft-defender
Official. Unified Microsoft security operations
Category: Software Engineering
Tags: incident response, vulnerability management, threat hunting, security operations, sentinel, mde, microsoft defender
Author: NCLGISA
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This Skill streamlines complex security operations by consolidating access to Microsoft Defender XDR, Defender for Endpoint (MDE P2), and Microsoft Sentinel into a single, unified interface, reducing the need to navigate multiple portals.
Core Features & Use Cases
- Unified Threat Hunting: Perform advanced KQL queries across endpoint and SIEM data.
- Incident Management: Investigate, manage, and respond to security incidents.
- Endpoint Response: Execute response actions such as isolating a device from the network or collecting forensic data from it.
- Vulnerability Management: Track and manage vulnerabilities across your environment.
- Threat Indicator Management: Manage Indicators of Compromise (IoCs) for proactive defense.
- Sentinel Operations: Manage analytics rules, watchlists, and automation rules.
- Use Case: A security analyst can use this Skill to quickly hunt for suspicious processes across all endpoints, investigate any related incidents, isolate a compromised machine, and block identified malicious IP addresses, all from a single command-line interface.
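The hunting half of that use case, written out as an added example (this query is not part of the skill or its scripts): it looks for Office applications spawning script hosts, flags encoded PowerShell command lines, and joins each hit to the public IPs that child process connected to, so the analyst has concrete devices to isolate and IPs to review for blocking. It assumes the standard Defender advanced hunting tables DeviceProcessEvents and DeviceNetworkEvents, which are the same whether the query runs in Defender XDR or against the Sentinel connector; the process and parent lists are illustrative choices, not a vetted detection.

```kql
// Added example, not from the skill: Office -> script host, with the
// outbound connections each child process made. Lookback and lists
// are assumptions; tune them to the environment.
let lookback = 7d;
let officeApps = dynamic(["winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"]);
let scriptHosts = dynamic(["powershell.exe", "pwsh.exe", "cmd.exe", "wscript.exe",
                           "cscript.exe", "mshta.exe", "rundll32.exe", "regsvr32.exe"]);
let suspiciousProcs = DeviceProcessEvents
| where Timestamp > ago(lookback)
| where InitiatingProcessFileName in~ (officeApps)
| where FileName in~ (scriptHosts)
// -e / -ec / -enc / -EncodedCommand on the child's command line
| extend Encoded = ProcessCommandLine matches regex @"(?i)\s-(e|ec|enc|encodedcommand)\s"
| project Timestamp, DeviceId, DeviceName, AccountName,
          ParentProcess = InitiatingProcessFileName, FileName, ProcessId,
          ProcessCommandLine, Encoded, ReportId;
suspiciousProcs
| join kind=leftouter (
    DeviceNetworkEvents
    | where Timestamp > ago(lookback)
    | where ActionType == "ConnectionSuccess" and RemoteIPType == "Public"
    | project DeviceId, InitiatingProcessId, RemoteIP, RemotePort, RemoteUrl, ConnTime = Timestamp
  ) on DeviceId, $left.ProcessId == $right.InitiatingProcessId
// PIDs are reused: keep only connections made shortly after the process started,
// and keep hits with no connection at all (leftouter rows have a null ConnTime)
| where isnull(ConnTime) or ConnTime between (Timestamp .. (Timestamp + 30m))
| summarize Connections = countif(isnotempty(RemoteIP)),
            RemoteIPs  = make_set_if(RemoteIP, isnotempty(RemoteIP), 50),
            RemoteUrls = make_set_if(RemoteUrl, isnotempty(RemoteUrl), 50)
    by Timestamp, DeviceId, DeviceName, AccountName, ParentProcess,
       FileName, ProcessCommandLine, Encoded, ReportId
| order by Encoded desc, Connections desc, Timestamp desc
```

DeviceId and ReportId identify the exact event for the incident timeline, and DeviceId is the identifier the isolate action takes. Treat RemoteIPs as candidates, not a block list: the join window is a heuristic against PID reuse, and an Office-spawned shell may legitimately reach update or CDN addresses, so confirm each IP before creating a blocking indicator.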
Quick Start
Use the microsoft-defender skill to list all active high-severity incidents.
Dependency Matrix
Required Modules: None required
Components: scripts
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code. Review the extracted scripts before granting them credentials: a skill that can isolate devices and push blocking indicators acts with whatever Defender and Sentinel permissions it is given.
Please help me install this Skill: Name: microsoft-defender Download link: https://github.com/NCLGISA/trellis-catalog/archive/main.zip#microsoft-defender Please download this .zip file, extract it, and install it in the .claude/skills/ directory.