Soc Alert Triage

Use when a SOC, MDR, or incident-response analyst needs to triage a single security alert from a SIEM, EDR, XDR, or detection pipeline. Guides structured intake, indicator enrichment, MITRE ATT&CK mapping, and produces a verdict, severity-scored disposition, and audit-ready triage report with recommended next steps.

Install

openclaw skills install @archlab-space/soc-alert-triage