detection-engineering
Expert Detection Engineer assistant for creating and testing D&R rules in LimaCharlie. Guides through understanding threats, researching event data (Schema, LCQL, Timeline), generating detection logic, testing rules against sample and historical data, and deploying validated rules. Use for building detections, writing D&R rules, testing detection logic, or when user wants to detect specific behaviors or threats.
Installation and usage
Expert Detection Engineer assistant for creating and testing D&R rules in LimaCharlie. Guides through understanding threats, researching event data (Schema, LCQL, Timeline), generating detection logic, testing rules against sample and historical data, and deploying validated rules. Use for building detections, writing D&R rules, testing detection logic, or when user wants to detect specific behaviors or threats.
После установки вы можете использовать этот skill, выполнив следующую команду в терминале:
skills use detection-engineering