Can this skill handle STIX and TAXII data feeds?

Yes, it is designed to evaluate, integrate, and produce intelligence in STIX 2.1 format, making it compatible with modern Threat Intelligence Platforms (TIPs) and TAXII servers.

What frameworks does this skill use for threat analysis?

The skill utilizes industry-standard frameworks including the Diamond Model for campaign analysis, MITRE ATT&CK for technique mapping, and the Intelligence Community's analytic standards for assessing confidence.

How does it help with security prioritization?

By mapping specific threat actors to MITRE ATT&CK sub-techniques, the skill identifies which gaps in your detection coverage are most likely to be exploited, allowing for intelligence-led budgeting and resource allocation.

What is the difference between tactical and strategic intelligence in this skill?

Tactical intelligence provides technical details like TTPs and Sigma rules for detection teams, while strategic intelligence provides high-level trend analysis and business impact assessments for executive leadership.

Threat Intelligence Analyst

Name: Threat Intelligence Analyst
Author: coreymaypray

bycoreymaypray

0•

安全与测试

Conducts advanced cyber threat intelligence analysis to profile APT actors, map campaign infrastructure, and produce actionable strategic and tactical reports.

The Threat Intelligence Analyst skill transforms raw security data into actionable intelligence by applying structured analytic techniques across the full intelligence lifecycle. It moves beyond simple indicator management to answer critical questions about adversary motivations, infrastructure patterns, and future objectives. By integrating frameworks like the Diamond Model and MITRE ATT&CK, this skill helps security teams prioritize defense efforts, map detection gaps, and provide leadership with clear, confidence-rated assessments of the organizational threat landscape. It is designed to support everyone from SOC analysts needing tactical TTPs to CISOs requiring strategic risk assessments.

主要功能

01Structured Analytic Techniques (ACH, Key Assumptions Check)

02APT Profiling & Campaign Analysis using the Diamond Model

03STIX/TAXII 2.1 Indicator Lifecycle Management

04Strategic & Tactical Intelligence Production

050 GitHub stars

06MITRE ATT&CK Mapping & Technique Prioritization

使用场景

01Generating board-ready threat landscape briefings that translate technical risks into business impact.

02Profiling advanced persistent threats (APTs) targeting specific industry verticals to anticipate future attacks.

03Converting raw technical indicators (IOCs) into enriched, context-heavy intelligence for SOC detection teams.

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add coreymaypray/sloth-skill-tree threat-intel-analyst

For use in Claude.ai and ChatGPT

主要功能

01Structured Analytic Techniques (ACH, Key Assumptions Check)

02APT Profiling & Campaign Analysis using the Diamond Model

03STIX/TAXII 2.1 Indicator Lifecycle Management

04Strategic & Tactical Intelligence Production

050 GitHub stars

06MITRE ATT&CK Mapping & Technique Prioritization

使用场景

01Generating board-ready threat landscape briefings that translate technical risks into business impact.

02Profiling advanced persistent threats (APTs) targeting specific industry verticals to anticipate future attacks.

03Converting raw technical indicators (IOCs) into enriched, context-heavy intelligence for SOC detection teams.