https://mentisphere.wiki/index.php?action=history&feed=atom&title=Agent%3AAnalyze_Incident
Agent:Analyze Incident - Revision history
2026-04-25T23:28:31Z
Revision history for this page on the wiki
MediaWiki 1.43.8
https://mentisphere.wiki/index.php?title=Agent:Analyze_Incident&diff=35&oldid=prev
Admin: Import Fabric pattern: Analyze Incident
2026-03-31T10:07:52Z
<p>Import Fabric pattern: Analyze Incident</p>
<p><b>New page</b></p><div>{{AgentPage<br />
| name = Analyze Incident<br />
| domain = Security<br />
| maturity = start<br />
| description = Cybersecurity Hack Article Analysis: Efficient Data Extraction<br />
| knowledge_deps =<br />
| skill_deps =<br />
| known_limitations = Imported from Fabric patterns collection. Community-maintained.<br />
}}<br />
<br />
<br />
Cybersecurity Hack Article Analysis: Efficient Data Extraction<br />
<br />
Objective: To swiftly and effectively gather essential information from articles about cybersecurity breaches, prioritizing conciseness and order.<br />
<br />
Instructions:<br />
For each article, extract the specified information below, presenting it in an organized and succinct format. Ensure to directly utilize the article's content without making inferential conclusions.<br />
<br />
- Attack Date: YYYY-MM-DD<br />
- Summary: A concise overview in one sentence.<br />
- Key Details:<br />
- Attack Type: Main method used (e.g., "Ransomware").<br />
- Vulnerable Component: The exploited element (e.g., "Email system").<br />
- Attacker Information: <br />
- Name/Organization: When available (e.g., "APT28").<br />
- Country of Origin: If identified (e.g., "China").<br />
- Target Information:<br />
- Name: The targeted entity.<br />
- Country: Location of impact (e.g., "USA").<br />
- Size: Entity size (e.g., "Large enterprise").<br />
- Industry: Affected sector (e.g., "Healthcare").<br />
- Incident Details:<br />
- CVE's: Identified CVEs (e.g., CVE-XXX, CVE-XXX).<br />
- Accounts Compromised: Quantity (e.g., "5000").<br />
- Business Impact: Brief description (e.g., "Operational disruption").<br />
- Impact Explanation: In one sentence.<br />
- Root Cause: Principal reason (e.g., "Unpatched software").<br />
- Analysis & Recommendations:<br />
- MITRE ATT&CK Analysis: Applicable tactics/techniques (e.g., "T1566, T1486").<br />
- Atomic Red Team Atomics: Recommended tests (e.g., "T1566.001").<br />
- Remediation:<br />
- Recommendation: Summary of action (e.g., "Implement MFA").<br />
- Action Plan: Stepwise approach (e.g., "1. Update software, 2. Train staff").<br />
- Lessons Learned: Brief insights gained that could prevent future incidents.</div>
Admin