Loading...
Loading...
Found 2 Skills
Triage Elastic Security alerts — gather context, classify threats, create cases, and acknowledge. Use when triaging alerts, performing SOC analysis, or investigating detections.
Conducts security investigations on SOC Compass. The AI agent reads workspace context, asks the user to run SIEM queries, analyzes results, and writes verdicts. Supports multiple alerts in parallel via subagent dispatch. Use when the user mentions SOC Compass, security investigations, alert triage, SIEM queries, threat analysis, Splunk, Elastic, Sentinel, IOC lookups, investigation workspaces, or multiple alerts. Do not use for general cybersecurity questions not involving the SOC Compass platform.