mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-07-16 04:35:18 +03:00
Complete folder anatomy for all 649 cybersecurity skills + update LICENSE to Mahipal
- Add scripts/agent.py and references/api-reference.md to all remaining skills - Update all 648 LICENSE files: copyright now reads 'Mahipal' - Add implementing-security-monitoring-with-datadog (new skill with full anatomy) - All 649 skills now have: SKILL.md, LICENSE, scripts/agent.py, references/api-reference.md
This commit is contained in:
@@ -0,0 +1,53 @@
|
||||
# API Reference: Vulnerability Exception Tracking
|
||||
|
||||
## Exception States
|
||||
| State | Description |
|
||||
|-------|------------|
|
||||
| draft | Initial creation, not yet submitted |
|
||||
| pending_approval | Awaiting approval chain |
|
||||
| approved | All approvers accepted |
|
||||
| rejected | Any approver denied |
|
||||
| expired | Past expiration date |
|
||||
| revoked | Manually revoked |
|
||||
|
||||
## Approval Chain by Severity
|
||||
| Severity | Approvers |
|
||||
|----------|----------|
|
||||
| Critical | Security Lead -> CISO -> Risk Committee |
|
||||
| High | Security Lead -> CISO |
|
||||
| Medium | Security Lead |
|
||||
| Low | Security Lead |
|
||||
|
||||
## Maximum Exception Duration
|
||||
| Severity | Max Days |
|
||||
|----------|---------|
|
||||
| Critical | 30 |
|
||||
| High | 90 |
|
||||
| Medium | 180 |
|
||||
| Low | 365 |
|
||||
|
||||
## ServiceNow GRC API
|
||||
```bash
|
||||
# Create risk exception
|
||||
curl -X POST "https://instance.service-now.com/api/now/table/sn_grc_exception" \
|
||||
-u "user:pass" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d '{"short_description":"CVE-2024-1234 exception","risk_score":"8.5","state":"draft"}'
|
||||
```
|
||||
|
||||
## Archer GRC API
|
||||
```bash
|
||||
# Create exception record
|
||||
curl -X POST "https://archer.example.com/api/core/content" \
|
||||
-H "Authorization: Archer session-token=$TOKEN" \
|
||||
-d '{"Content":{"LevelId":42,"FieldContents":{"1001":{"Value":"Exception for CVE-2024-1234"}}}}'
|
||||
```
|
||||
|
||||
## Compensating Control Categories
|
||||
| Category | Examples |
|
||||
|----------|---------|
|
||||
| Network | Segmentation, ACLs, micro-segmentation |
|
||||
| Monitoring | Enhanced logging, alerting, SIEM rules |
|
||||
| Application | WAF rules, input validation, rate limiting |
|
||||
| Access | MFA, PAM, least privilege enforcement |
|
||||
| Process | Manual review, change control, audit |
|
||||
Reference in New Issue
Block a user