feat: add NIST CSF 2.0 nist_csf field to all 754 cybersecurity skills

Mapped every skill to NIST CSF 2.0 subcategory IDs (GV/ID/PR/DE/RS/RC functions)
based on subdomain and content analysis. Restores 11 skills corrupted during
prior rebase, re-enriching with ATLAS, D3FEND, NIST AI RMF, and CSF 2.0 fields.

All 754 skills now carry structured mappings for all 5 security frameworks:
- MITRE ATT&CK (in tags)
- MITRE ATLAS v5.5 (atlas_techniques)
- MITRE D3FEND v1.3 (d3fend_techniques)
- NIST AI RMF 1.0 (nist_ai_rmf)
- NIST CSF 2.0 (nist_csf)
This commit is contained in:
mukul975
2026-04-06 11:17:31 +02:00
parent e8105a2f4d
commit efca3ec611
754 changed files with 12847 additions and 2832 deletions
@@ -1,16 +1,29 @@
---
name: performing-user-behavior-analytics
description: >
Performs User and Entity Behavior Analytics (UEBA) to detect anomalous user activities including
impossible travel, unusual access patterns, privilege abuse, and insider threats using SIEM-based
behavioral baselines and statistical analysis. Use when SOC teams need to identify compromised
accounts or insider threats through deviation from established behavioral norms.
description: 'Performs User and Entity Behavior Analytics (UEBA) to detect anomalous user activities including impossible
travel, unusual access patterns, privilege abuse, and insider threats using SIEM-based behavioral baselines and statistical
analysis. Use when SOC teams need to identify compromised accounts or insider threats through deviation from established
behavioral norms.
'
domain: cybersecurity
subdomain: soc-operations
tags: [soc, ueba, user-behavior, insider-threat, anomaly-detection, splunk, baseline]
version: "1.0"
tags:
- soc
- ueba
- user-behavior
- insider-threat
- anomaly-detection
- splunk
- baseline
version: '1.0'
author: mahipal
license: Apache-2.0
nist_csf:
- DE.CM-01
- DE.AE-02
- RS.MA-01
- DE.AE-06
---
# Performing User Behavior Analytics