purple-ai
Official
AI-powered threat investigation
Software Engineering #cybersecurity #threat hunting #mitre att&ck #sentinelone #threat investigation #purple ai #powerquery
Author: wyre-technology
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This Skill empowers cybersecurity analysts to rapidly investigate threats, hunt for malicious activity, and understand security incidents using natural language queries within the SentinelOne platform.
Core Features & Use Cases
- Natural Language Investigation: Ask questions about threats, behaviors, and anomalies in plain English.
- PowerQuery Generation: Automatically generates PowerQuery strings for in-depth data analysis.
- MITRE ATT&CK Mapping: Provides context by mapping findings to MITRE ATT&CK techniques.
- Use Case: An analyst can ask "Find PowerShell processes connecting to external IPs in the last 24 hours" and receive both an analysis and a ready-to-execute PowerQuery.
Quick Start
Use the purple_ai tool to investigate suspicious PowerShell activity by asking it to find PowerShell processes that have established network connections to external IP addresses in the last 24 hours.
Dependency Matrix
Required Modules
None required
Components
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: purple-ai
Download link: https://github.com/wyre-technology/msp-claude-plugins/archive/main.zip#purple-ai
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.