d3fend-evict
Community
Contain incidents with rapid D3FEND eviction.
System Documentation
What problem does it solve?
D3FEND-evict provides a structured approach to contain active cyber incidents by evicting adversaries through credential revocation, account locking, and targeted file and process removal. It translates MITRE D3FEND containment techniques into actionable guidance for security teams and automated playbooks. It clarifies when to invoke eviction workflows and how to coordinate restoration and evidence preservation.
Core Features & Use Cases
- Credential eviction: revoke compromised credentials and lock accounts to prevent reuse.
- Object & file eviction: remove malicious files, registry keys, and related artifacts.
- Process & system eviction: suspend or terminate malicious processes and perform safe shutdowns when required.
- Reference material: guidance and procedures stored under references/ for detailed steps during execution.
Quick Start
Initiate d3fend-evict containment workflows during an active incident to begin credential, object, and process eviction procedures.
Dependency Matrix
Required Modules
None required
Components
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: d3fend-evict
Download link: https://github.com/daemon-blockint-tech/Agentic-Enteprises-Skill/archive/main.zip#d3fend-evict
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.