feat: add NIST CSF 2.0 nist_csf field to all 754 cybersecurity skills

Mapped every skill to NIST CSF 2.0 subcategory IDs (GV/ID/PR/DE/RS/RC functions)
based on subdomain and content analysis. Restores 11 skills corrupted during
prior rebase, re-enriching with ATLAS, D3FEND, NIST AI RMF, and CSF 2.0 fields.

All 754 skills now carry structured mappings for all 5 security frameworks:
- MITRE ATT&CK (in tags)
- MITRE ATLAS v5.5 (atlas_techniques)
- MITRE D3FEND v1.3 (d3fend_techniques)
- NIST AI RMF 1.0 (nist_ai_rmf)
- NIST CSF 2.0 (nist_csf)
This commit is contained in:
mukul975
2026-04-06 11:17:31 +02:00
parent e8105a2f4d
commit efca3ec611
754 changed files with 12847 additions and 2832 deletions
+21 -8
View File
@@ -1,18 +1,31 @@
---
name: profiling-threat-actor-groups
description: >
Develops comprehensive threat actor profiles for APT groups, criminal organizations, and
hacktivist collectives by aggregating TTP documentation, historical campaign data, tooling
fingerprints, and attribution indicators from multiple intelligence sources. Use when briefing
executives on sector-specific threats, updating threat model assumptions, or prioritizing
defensive controls against specific adversaries. Activates for requests involving MITRE ATT&CK
Groups, Mandiant APT profiles, CrowdStrike adversary naming, or sector-specific threat briefings.
description: 'Develops comprehensive threat actor profiles for APT groups, criminal organizations, and hacktivist collectives
by aggregating TTP documentation, historical campaign data, tooling fingerprints, and attribution indicators from multiple
intelligence sources. Use when briefing executives on sector-specific threats, updating threat model assumptions, or prioritizing
defensive controls against specific adversaries. Activates for requests involving MITRE ATT&CK Groups, Mandiant APT profiles,
CrowdStrike adversary naming, or sector-specific threat briefings.
'
domain: cybersecurity
subdomain: threat-intelligence
tags: [MITRE-ATT&CK, threat-actor, APT, CrowdStrike, Mandiant, attribution, kill-chain, NIST-CSF]
tags:
- MITRE-ATT&CK
- threat-actor
- APT
- CrowdStrike
- Mandiant
- attribution
- kill-chain
- NIST-CSF
version: 1.0.0
author: mahipal
license: Apache-2.0
nist_csf:
- ID.RA-01
- ID.RA-05
- DE.CM-01
- DE.AE-02
---
# Profiling Threat Actor Groups