Anthropic-Cybersecurity-Skills/skills/containing-active-security-breach/references/api-reference.md
mukul975 c21af3347e Complete folder anatomy for all 649 cybersecurity skills + update LICENSE to Mahipal
- Add scripts/agent.py and references/api-reference.md to all remaining skills
- Update all 648 LICENSE files: copyright now reads 'Mahipal'
- Add implementing-security-monitoring-with-datadog (new skill with full anatomy)
- All 649 skills now have: SKILL.md, LICENSE, scripts/agent.py, references/api-reference.md
2026-03-11 00:22:12 +01:00


Active Security Breach Containment — API Reference

Libraries

| Library | Install | Purpose |
|---|---|---|
| requests | `pip install requests` | EDR API calls for host isolation |
| falconpy | `pip install crowdstrike-falconpy` | CrowdStrike Falcon SDK |
| ldap3 | `pip install ldap3` | AD account disable via LDAP |

CrowdStrike Falcon Host Isolation

```python
from falconpy import Hosts

# Authenticate with an API client that holds the Hosts write scope
hosts = Hosts(client_id="ID", client_secret="SECRET")
# Network-contain one device; inspect response["status_code"] before assuming isolation took effect
response = hosts.perform_action(action_name="contain", ids=["device_id"])
```

Containment Actions

| Action | Method | Scope |
|---|---|---|
| Host Isolation | EDR API (CrowdStrike, Defender) | Single endpoint |
| Account Disable | Disable-ADAccount / LDAP | User identity |
| IP Block | Firewall rule / NGFW API | Network perimeter |
| Session Revoke | Revoke-AzureADUserAllRefreshToken | Cloud sessions |
| Token Invalidation | IdP API | OAuth/SAML tokens |
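The Account Disable row and the ldap3 entry above describe disabling a compromised AD identity over LDAP. The following is an added example written for this reference, not code from the skill repository: it sets the ACCOUNTDISABLE bit of userAccountControl while preserving the account's other flags, escapes the caller-supplied name before building the LDAP filter, and is idempotent so it can be re-run safely during an incident. The server name, service account and target account in the `__main__` block are placeholders.

```python
"""Contain a compromised AD identity: set the ACCOUNTDISABLE bit via LDAP.
Hypothetical helper written for this reference, not code from the skill repo."""
try:
    from ldap3 import Server, Connection, MODIFY_REPLACE, NTLM, SUBTREE
    from ldap3.utils.conv import escape_filter_chars
except ImportError:  # ldap3 is needed only for the live connection, not the bit helpers
    MODIFY_REPLACE, Server, Connection, NTLM, SUBTREE = "MODIFY_REPLACE", None, None, None, None

ACCOUNTDISABLE = 0x0002  # userAccountControl flag: account is disabled


def disabled_uac(current_uac: int) -> int:
    """Return userAccountControl with ACCOUNTDISABLE set and every other flag intact."""
    return current_uac | ACCOUNTDISABLE


def disable_changes(current_uac: int) -> dict:
    """Build the change set for ldap3 Connection.modify(); the full value is replaced,
    so the other flags (e.g. DONT_EXPIRE_PASSWORD) survive the containment step."""
    return {"userAccountControl": [(MODIFY_REPLACE, [disabled_uac(current_uac)])]}


def disable_account(conn, base_dn: str, sam_account_name: str) -> bool:
    """Disable one account by sAMAccountName. Idempotent: True if already disabled."""
    # Escape the name so a value copied from an alert cannot alter the LDAP filter
    flt = f"(sAMAccountName={escape_filter_chars(sam_account_name)})"
    conn.search(base_dn, flt, SUBTREE, attributes=["userAccountControl"])
    if not conn.entries:
        raise LookupError(f"no account {sam_account_name!r} under {base_dn}")
    entry = conn.entries[0]
    current = int(entry.userAccountControl.value)
    if current & ACCOUNTDISABLE:
        return True
    if not conn.modify(entry.entry_dn, disable_changes(current)):
        raise RuntimeError(f"modify failed: {conn.result}")
    return True


if __name__ == "__main__":
    # Placeholder DC, service account and target: replace with the responder's own values
    server = Server("ldaps://dc.example.local", use_ssl=True)
    with Connection(server, user="EXAMPLE\\ir-svc", password="<password>",
                    authentication=NTLM, auto_bind=True) as conn:
        print(disable_account(conn, "DC=example,DC=local", "compromised.user"))
```

Disabling the account does not end sessions that already hold tokens; pair it with the Session Revoke and Token Invalidation actions listed above.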

NIST IR Phases

| Phase | Actions |
|---|---|
| Containment | Isolate, disable, block |
| Eradication | Remove malware, patch vulnerabilities |
| Recovery | Restore, validate, monitor |

External References