defensive-soc-workflows

Community

Streamline SOC triage and response workflows

Author: riparino
Version: 1.0.0
Installs: 0

System Documentation

What problem does it solve?

Standardizes and automates SOC triage and escalation processes to reduce mean time to respond (MTTR) and ensure consistent handling of alerts across teams and shifts.

Core Features & Use Cases

  • Alert Triage SOP: consistent intake, initial classification, and documentation of first actions.
  • Escalation Matrix: defined SLAs per severity and escalation paths between L1, L2, and L3.
  • SOAR Automation: integration patterns to automate alert enrichment and containment actions.
  • Shift Handoff: documented open incidents and next steps so transitions between shifts lose no context.
  • KQL Guidance: example queries for open incidents, the alert queue, and team performance dashboards.
  • Use Case: 24/7 SOC operations across multiple regions.
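As an added illustration of the Escalation Matrix and KQL Guidance items above (example queries written for this page, not taken from the Claude-Cyber repository), the following two queries run against the Microsoft Sentinel `SecurityIncident` table. The first builds an open-incident queue with an SLA-breach flag; the SLA hours per severity are assumed values and should be replaced with your SOC's actual escalation matrix. The second computes mean time to resolve per severity for a performance dashboard. Both assume the standard Sentinel `SecurityIncident` schema (`IncidentNumber`, `Severity`, `Status`, `Owner`, `CreatedTime`, `ClosedTime`, `LastModifiedTime`).

```kql
// Added example (not from the defensive-soc-workflows skill or its repository).
// Query 1: open-incident queue with SLA-breach flag.
// SlaMatrix is an assumed escalation matrix; hours per severity are placeholders.
let SlaMatrix = datatable(Severity:string, SlaHours:int) [
    "High",          1,
    "Medium",        4,
    "Low",          24,
    "Informational", 72
];
SecurityIncident
// SecurityIncident logs every state change; keep only the latest row per incident.
| summarize arg_max(LastModifiedTime, *) by IncidentNumber
| where Status in ("New", "Active")
// Age in hours since the incident was created.
| extend AgeHours = datetime_diff("minute", now(), CreatedTime) / 60.0
// Attach the SLA for this severity; incidents with an unknown severity keep a null SLA.
| lookup kind=leftouter SlaMatrix on Severity
| extend SlaBreached = AgeHours > SlaHours
| project IncidentNumber,
          Title,
          Severity,
          Status,
          AssignedTo = tostring(Owner.assignedTo),
          AgeHours = round(AgeHours, 1),
          SlaHours,
          SlaBreached
// Breached incidents first, then by severity and age, so the queue reads top-down.
| sort by SlaBreached desc, Severity asc, AgeHours desc

// Query 2: performance dashboard, mean time to resolve (hours) per severity
// over the last 30 days, measured on the final closed state of each incident.
SecurityIncident
| where TimeGenerated > ago(30d)
| summarize arg_max(LastModifiedTime, *) by IncidentNumber
| where Status == "Closed" and isnotempty(ClosedTime)
| extend TimeToResolveHours = datetime_diff("minute", ClosedTime, CreatedTime) / 60.0
| summarize MttrHours = round(avg(TimeToResolveHours), 1),
            Incidents = count()
          by Severity
| sort by Severity asc
```

Run each query separately in the Sentinel Logs blade (select the query text before running). Taking `arg_max(LastModifiedTime, *)` per `IncidentNumber` matters: without it, every historical state row of an incident is counted, which inflates queue sizes and skews MTTR.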

Quick Start

Load the SOC Workflows skill and apply the Alert Triage SOP to triage the latest incident and document next actions.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: let Claude install the skill automatically. Copy and paste the text below into Claude Code.

Please help me install this Skill:
Name: defensive-soc-workflows
Download link: https://github.com/riparino/Claude-Cyber/archive/main.zip#defensive-soc-workflows

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository
