feat: add NIST CSF 2.0 nist_csf field to all 754 cybersecurity skills

Mapped every skill to NIST CSF 2.0 subcategory IDs (GV/ID/PR/DE/RS/RC functions)
based on subdomain and content analysis. Restores 11 skills corrupted during
prior rebase, re-enriching with ATLAS, D3FEND, NIST AI RMF, and CSF 2.0 fields.

All 754 skills now carry structured mappings for all 5 security frameworks:
- MITRE ATT&CK (in tags)
- MITRE ATLAS v5.5 (atlas_techniques)
- MITRE D3FEND v1.3 (d3fend_techniques)
- NIST AI RMF 1.0 (nist_ai_rmf)
- NIST CSF 2.0 (nist_csf)
This commit is contained in:
mukul975
2026-04-06 11:17:31 +02:00
parent e8105a2f4d
commit efca3ec611
754 changed files with 12847 additions and 2832 deletions
@@ -1,18 +1,30 @@
---
name: detecting-stuxnet-style-attacks
description: >
This skill covers detecting sophisticated cyber-physical attacks that follow the
Stuxnet attack pattern of modifying PLC logic while spoofing sensor readings to
hide the manipulation from operators. It addresses PLC logic integrity monitoring,
physics-based process anomaly detection, engineering workstation compromise indicators,
USB-borne attack vectors, and multi-stage attack chain detection spanning IT-to-OT
lateral movement through to process manipulation.
description: 'This skill covers detecting sophisticated cyber-physical attacks that follow the Stuxnet attack pattern of modifying
PLC logic while spoofing sensor readings to hide the manipulation from operators. It addresses PLC logic integrity monitoring,
physics-based process anomaly detection, engineering workstation compromise indicators, USB-borne attack vectors, and multi-stage
attack chain detection spanning IT-to-OT lateral movement through to process manipulation.
'
domain: cybersecurity
subdomain: ot-ics-security
tags: [ot-security, ics, scada, industrial-control, iec62443, stuxnet, plc-integrity, apt]
tags:
- ot-security
- ics
- scada
- industrial-control
- iec62443
- stuxnet
- plc-integrity
- apt
version: 1.0.0
author: mahipal
license: Apache-2.0
nist_csf:
- PR.IR-01
- DE.CM-01
- ID.AM-05
- GV.OC-02
---
# Detecting Stuxnet-Style Attacks