What security frameworks does the Cybersecurity Analyst skill support?

This skill supports a wide range of industry-standard frameworks including the CIA triad, STRIDE, MITRE ATT&CK, NIST SP 800-207 (Zero Trust), and OWASP principles.

Can this skill help with regulatory compliance?

Yes, it can be used to assess system adherence to various security standards such as SOC 2, PCI-DSS, HIPAA, and GDPR by evaluating controls and identifying gaps.

Is this skill suitable for analyzing active security incidents?

While it is a powerful tool for analyzing breach patterns and designing response strategies, it should be used as an advisory component within a broader human-led incident response process.

How does it help with threat modeling?

It provides a structured approach to identify potential threats (Spoofing, Tampering, etc.) during the design phase, allowing you to mitigate risks before code is even written.

Cybersecurity Analyst

Name: Cybersecurity Analyst
Author: rysweet

byrysweet

•

Security & Testing

Performs expert security audits, threat modeling, and vulnerability assessments using industry-standard frameworks like MITRE ATT&CK and STRIDE.

The Cybersecurity Analyst skill empowers Claude to act as a specialized security consultant, applying rigorous frameworks such as the CIA triad, Defense-in-Depth, and Zero Trust to evaluate system architectures. It provides structured insights into potential attack vectors, identifies vulnerabilities in code and infrastructure, and assists in designing robust incident response plans. By leveraging methodologies like STRIDE for threat modeling and MITRE ATT&CK for adversary behavior analysis, this skill ensures that security is integrated into every stage of the development lifecycle, from initial design to production deployment.

Key Features

01Detailed attack surface analysis to identify and minimize exposure points

02Risk assessment and prioritization based on CVSS and FAIR standards

0316 GitHub stars

04Comprehensive threat modeling using STRIDE, PASTA, and VAST methodologies

05Adversary technique mapping using the MITRE ATT&CK framework

06Zero Trust architecture review and implementation guidance

Use Cases

01Conducting security architecture reviews for cloud-native applications and microservices

02Performing deep-dive vulnerability assessments and code security reviews to find logic flaws

03Designing incident response strategies and containment procedures for potential breaches

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add rysweet/amplihack cybersecurity-analyst

For use in Claude.ai and ChatGPT

Download Skill