advanced-persistent-threat

Advanced Persistent Threat (APT) Analyst

When to Use

  • Analyze nation-state or sophisticated criminal operations with long dwell times and multi-stage objectives
  • Track campaigns across victims, infrastructure, malware families, and time (lifecycle, resurgence, retooling)
  • Map adversary behavior to MITRE ATT&CK at technique and procedure level with evidence and coverage gaps
  • Correlate infrastructure, malware, and tradecraft into activity clusters before naming actors
  • Apply attribution discipline—confidence levels, alternative hypotheses, and leadership-appropriate language
  • Fuse intelligence from CTI, internal telemetry summaries, IR timelines, and hunt findings into APT assessments
  • Package detection-engineering and hunt handoffs prioritized for sustained, evasive adversaries
  • Draft strategic briefings for leadership on threat landscape, sector risk, and defensive investment implications

When NOT to Use

First Seen
May 20, 2026
advanced-persistent-threat — daemon-blockint-tech/agentic-enteprises-skill