Analyzes proxy, DNS query, and netflow logs using Python pandas to detect Shadow IT: unauthorized SaaS/cloud services. Aggregates traffic by domain, classifies SaaS categories, scores risks, generates JSON reports.
How this skill is triggered — by the user, by Claude, or both
Slash command
/cybersecurity-skills-zh:detecting-shadow-it-cloud-usage
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Shadow IT refers to unauthorized SaaS applications and cloud services that employees use without approval from the IT department. This skill analyzes proxy logs, DNS query logs, and firewall/netflow data to identify unauthorized cloud service usage, classifies discovered domains into known SaaS categories, measures data transfer volume, and flags high-risk services based on security posture and compliance requirements.
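The aggregation, classification and scoring steps described above, as an added example that is not the skill's own code. The sample log, approved-service list, category map, weights and upload threshold are constructed assumptions, and a naive last-two-labels rule stands in for tldextract.

```python
import io
import json
import pandas as pd

# Constructed sample proxy log (user, destination host, bytes uploaded).
SAMPLE_LOG = """user,host,bytes_out
alice,files.dropbox.com,52000000
alice,www.dropbox.com,1200000
bob,api.wetransfer.com,310000000
bob,mail.office365.com,800000
carol,app.notion.so,450000
carol,files.dropbox.com,9000000
dave,mail.office365.com,600000
"""

# Assumptions for illustration: the approved list, category map and weights.
SANCTIONED = {"office365.com"}
CATEGORIES = {"dropbox.com": "file_sharing", "wetransfer.com": "file_sharing",
              "notion.so": "productivity"}
CATEGORY_WEIGHT = {"file_sharing": 3, "productivity": 1, "unknown": 2}
UPLOAD_THRESHOLD = 50_000_000  # bytes; hypothetical "large upload" cut-off


def registrable_domain(host: str) -> str:
    # Naive last-two-labels rule; tldextract handles suffixes such as co.uk.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def shadow_it_report(df: pd.DataFrame) -> list:
    df = df.assign(domain=df["host"].map(registrable_domain))
    agg = (df.groupby("domain")
             .agg(users=("user", "nunique"), requests=("host", "count"),
                  bytes_out=("bytes_out", "sum"))
             .reset_index())
    agg = agg[~agg["domain"].isin(SANCTIONED)].copy()  # keep unapproved only
    agg["category"] = agg["domain"].map(CATEGORIES).fillna("unknown")
    # Score = category weight, +2 for heavy upload, +1 if more than one user.
    agg["risk"] = (agg["category"].map(CATEGORY_WEIGHT)
                   + 2 * (agg["bytes_out"] > UPLOAD_THRESHOLD).astype(int)
                   + (agg["users"] > 1).astype(int))
    agg = agg.sort_values(["risk", "bytes_out"], ascending=False)
    return json.loads(agg.to_json(orient="records"))


if __name__ == "__main__":
    report = shadow_it_report(pd.read_csv(io.StringIO(SAMPLE_LOG)))
    print(json.dumps(report, indent=2))
```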
pandas, tldextract
npx claudepluginhub killvxk/cybersecurity-skills-zh
Detects unauthorized SaaS and cloud service usage by analyzing proxy logs, DNS logs, and netflow data with Python pandas. Generates risk-scored shadow IT reports for SOC analysts.
Detects unauthorized SaaS and cloud service usage by analyzing proxy logs, DNS query logs, and netflow data with Python pandas for traffic pattern analysis and domain classification.
Detects shadow IT by analyzing proxy logs, DNS queries, and netflow data with Python pandas; classifies SaaS domains, flags unauthorized services, scores risks, generates reports. For SOC threat hunting and compliance audits.