スキル threat-mitigation-mapping
🛡️

threat-mitigation-mapping

安全

Map threats to security controls and mitigations

こちらからも入手できます: wshobson

Security teams struggle to connect identified threats with appropriate countermeasures. This skill provides structured frameworks and control libraries to map threats to effective mitigations.

対応: Claude Codex Code(CC)
🥉 75 ブロンズ
1

スキルZIPをダウンロード

2

Claudeでアップロード

設定 → 機能 → スキル → スキルをアップロードへ移動

3

オンにして利用開始

テストする

「threat-mitigation-mapping」を使用しています。 Map SQL Injection threat to controls

期待される結果:

  • Threat: SQL Injection (INJECTION category)
  • Recommended Controls:
  • - VAL-001: Input Validation Framework (Preventive, Application layer) - Validate and sanitize all user input using parameterized queries
  • - VAL-002: Web Application Firewall (Preventive, Network layer) - Deploy WAF with SQL injection detection rules
  • - LOG-001: Security Event Logging (Detective, Application layer) - Log suspicious query patterns for monitoring

「threat-mitigation-mapping」を使用しています。 Analyze defense-in-depth for authentication system

期待される結果:

  • Defense-in-Depth Analysis:
  • Network Layer: ✓ WAF configured
  • Application Layer: ✓ MFA implemented, ✓ Rate limiting active
  • Data Layer: ✓ Credential encryption at rest
  • Gaps Identified:
  • - No detective controls for authentication anomalies
  • - No corrective controls for compromised accounts
  • Recommendations: Add login anomaly detection and automated account lockout procedures

セキュリティ監査

安全
v1 • 2/25/2026

Static analyzer flagged 54 patterns as potential security issues, but all findings are false positives. The skill consists of markdown documentation files with Python code examples for security planning. Detected patterns include markdown code block formatting (mistaken for shell backticks), documentation reference URLs, and security terminology in example code. No executable malicious code, network calls, or dangerous operations exist.

2
スキャンされたファイル
781
解析された行数
0
検出結果
1
総監査数
セキュリティ問題は見つかりませんでした
監査者: claude

品質スコア

38
アーキテクチャ
100
保守性
87
コンテンツ
50
コミュニティ
100
セキュリティ
100
仕様準拠

作れるもの

Security Architecture Review

Review existing security architecture and identify gaps in threat coverage. Map current controls to known threats and prioritize remediation efforts.

Risk Treatment Planning

Create structured remediation roadmaps for identified risks. Prioritize controls based on threat impact, implementation cost, and effectiveness.

Control Validation

Validate that existing security controls provide adequate coverage for identified threats. Check for defense-in-depth and control diversity.

これらのプロンプトを試す

Basic Threat Mapping 
I have identified the following threats in my system: [list threats]. Map each threat to appropriate security controls using the preventive, detective, and corrective framework.
Control Gap Analysis 
Analyze our current security controls: [list controls]. Identify which threats are not adequately covered and recommend additional controls to close the gaps.
Defense-in-Depth Review 
Review my security architecture for defense-in-depth. Current controls are: [list controls at each layer]. Identify missing layers and recommend controls to achieve layered defense.
Remediation Roadmap 
Create a prioritized implementation roadmap for these security controls: [list controls]. Consider threat impact, implementation cost, and dependencies. Organize into phases with clear priorities.

ベストプラクティス

  • Map every identified threat to at least one control from each category: preventive, detective, and corrective
  • Implement controls at multiple layers to achieve defense-in-depth rather than relying on single points of protection
  • Regularly review and test control effectiveness as threats and systems evolve over time

回避

  • Relying on a single control type such as only preventive measures without detection or response capabilities
  • Implementing controls without measuring their effectiveness or verifying they work as intended
  • Treating security controls as set-and-forget without regular review and updates as the threat landscape changes

よくある質問

What is defense-in-depth and why does it matter?
Defense-in-depth means implementing security controls at multiple layers such as network, application, and data. If one control fails, other layers still provide protection. This reduces single points of failure in your security architecture.
How do I prioritize which controls to implement first?
Prioritize controls that address critical and high-impact threats first. Consider implementation cost, effectiveness, and whether the control mitigates multiple threats. Quick wins with high effectiveness and low cost should be prioritized.
What is the difference between preventive, detective, and corrective controls?
Preventive controls stop attacks before they occur like firewalls or input validation. Detective controls identify attacks in progress like intrusion detection systems. Corrective controls respond to and recover from attacks like incident response procedures.
How often should I review my threat mitigation mappings?
Review threat mappings at least annually or when significant changes occur such as new features, infrastructure changes, or emerging threats. Security controls can degrade in effectiveness over time and need regular validation.
Can this skill help with compliance requirements?
Yes. The control library includes references to common compliance frameworks like PCI-DSS, NIST, and SOC2. Mappings can demonstrate due diligence in addressing identified risks which supports compliance audits.
What if I have limited security budget?
Focus on high-effectiveness, low-cost controls first. Input validation, logging, and access controls typically provide strong ROI. The skill can optimize recommendations based on budget constraints and help build a phased implementation roadmap.

開発者の詳細

作成者

sickn33

ライセンス

MIT

リポジトリ

https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/threat-mitigation-mapping

参照

main

ファイル構成

📁 resources/

📄 implementation-playbook.md

📄 SKILL.md