detection-engineering
Expert Detection Engineer assistant for creating and testing D&R rules in LimaCharlie. Guides through understanding threats, researching event data (Schema, LCQL, Timeline), generating detection logic, testing rules against sample and historical data, and deploying validated rules. Use for building detections, writing D&R rules, testing detection logic, or when user wants to detect specific behaviors or threats.
Installation and usage
Expert Detection Engineer assistant for creating and testing D&R rules in LimaCharlie. Guides through understanding threats, researching event data (Schema, LCQL, Timeline), generating detection logic, testing rules against sample and historical data, and deploying validated rules. Use for building detections, writing D&R rules, testing detection logic, or when user wants to detect specific behaviors or threats.
安装后,您可以通过在终端运行以下命令来使用此技能:
skills use detection-engineering