mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-12 22:24:56 +03:00
mukul975
32 lines
1.5 KiB
Markdown
32 lines
1.5 KiB
Markdown
# TIP Architecture Workflows
|
|
|
|
## Workflow 1: End-to-End Intelligence Pipeline
|
|
```
|
|
[External Feeds] --> [MISP] --> [OpenCTI] --> [Enrichment (Cortex)] --> [SIEM/TheHive]
|
|
| | | | |
|
|
v v v v v
|
|
OSINT/Commercial Correlate Knowledge Graph VT/Shodan/AIPDB Alerts/Cases
|
|
```
|
|
|
|
## Workflow 2: Incident-to-Intelligence Feedback Loop
|
|
```
|
|
[SOC Alert] --> [TheHive Case] --> [Cortex Analysis] --> [IOC Extraction]
|
|
|
|
|
v
|
|
[MISP Event Creation]
|
|
|
|
|
v
|
|
[OpenCTI Knowledge Update]
|
|
|
|
|
v
|
|
[Updated Detections --> SIEM]
|
|
```
|
|
|
|
## Workflow 3: Platform Health Monitoring
|
|
```
|
|
[Prometheus/Grafana] --> [Component Health] --> [Feed Status] --> [Alert on Failure]
|
|
| |
|
|
v v
|
|
[ES Cluster Health] [Connector Status]
|
|
```
|