Daily Threat Intel by CyberDudeBivash
Zero-days, exploit breakdowns, IOCs, detection rules & mitigation playbooks.
CyberDudeBivash Prompt Library
Author: CyberDudeBivash | Powered by CyberDudeBivash
Apps & Products: cyberdudebivash.com/apps-products | Intel Blog: cyberbivash.blogspot.com
TL;DR
- These prompts are optimized for professional SOC, DevOps, and security workflows.
- Each template enforces role, scope, output structure, and safety constraints.
- Designed to reduce hallucination and maximize operational value.
- Works with enterprise-grade LLMs (Claude, GPT, Gemini, etc.).
- Copy, customize variables, and deploy immediately.
SOC Prompt Templates
1) SOC Alert Triage Prompt
You are a Tier-2 SOC analyst.
Analyze the following alert data:
[PASTE ALERT LOGS HERE]
Tasks:
- Determine alert severity (Low/Medium/High/Critical)
- Identify likely attack technique (MITRE ATT&CK mapping)
- Assess false positive vs true positive
- Recommend immediate response actions
Constraints:
- Do not speculate beyond provided evidence
- Clearly state assumptions
Output format:
- Executive summary
- Technical analysis
- Recommended actions
2) Incident Response Commander Prompt
Act as an Incident Response Lead.
Incident description:
[PASTE INCIDENT DETAILS]
Provide:
- Incident classification
- Kill chain stage
- Containment steps (0–24 hours)
- Evidence to preserve
- Communication guidance for management
Output must be concise and operational.
DevOps & Cloud Security Prompt Templates
3) Secure Architecture Review Prompt
You are a senior DevSecOps architect.
Review the following system architecture:
[PASTE ARCHITECTURE / DESCRIPTION]
Identify:
- Security risks
- Misconfigurations
- Trust boundary violations
- Recommendations aligned with Zero Trust
Output format:
- Risk table (Risk | Impact | Likelihood | Fix)
4) CI/CD Pipeline Hardening Prompt
Act as a DevOps security engineer.
Given this CI/CD pipeline configuration:
[PASTE PIPELINE YAML / DETAILS]
Tasks:
- Identify security gaps
- Suggest hardening controls
- Highlight secrets exposure risks
- Recommend automated security checks
Avoid generic advice. Be pipeline-specific.
Cybersecurity & Risk Prompt Templates
5) Threat Modeling Prompt
You are a threat modeling expert.
System description:
[PASTE SYSTEM DETAILS]
Perform threat modeling using STRIDE.
Identify:
- Threat scenarios
- Attack paths
- Impacted assets
- Mitigation strategies
Output in a structured table.
6) Malware Analysis Assistant Prompt
Act as a malware analyst.
Given the following indicators and behavior:
[PASTE IOC / BEHAVIOR HERE]
Analyze:
- Malware category
- Persistence mechanisms
- C2 behavior
- Potential impact
- Defensive detections
Do not provide exploit code.
7) Vulnerability Risk Assessment Prompt
You are a vulnerability risk analyst.
Vulnerability details:
[PASTE CVE DETAILS]
Assess:
- Exploitability
- Business impact
- Likely attacker profile
- Patch urgency
Provide a risk-based remediation recommendation.
CyberDudeBivash Prompt Engineering Best Practices
- Always define the role clearly
- Use constraints to avoid hallucination
- Specify output format explicitly
- Never mix multiple objectives in one prompt
- Store prompts as reusable playbooks
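One way to keep these templates as reusable playbooks and apply the checklist above mechanically, as an added example that is not part of the original library: a small Python module that stores a template in the page's [PASTE ...] convention, fills its slots from a dict, refuses to emit a prompt with an empty slot, and lints the result for a defined role, constraints, and an explicit output format. The playbook entry, the placeholder syntax and the lint rules are assumptions built from the templates on this page.

```python
import re

# Constructed sample playbook: one entry in the style of the prompts above.
# Slots use the page's [PASTE ...] convention; the slot text is the variable name.
PLAYBOOK = {
    "soc_alert_triage": (
        "You are a Tier-2 SOC analyst.\n"
        "Analyze the following alert data:\n"
        "[PASTE ALERT LOGS HERE]\n"
        "Constraints:\n"
        "- Do not speculate beyond provided evidence\n"
        "Output format:\n"
        "- Executive summary\n"
        "- Recommended actions\n"
    ),
}

PLACEHOLDER = re.compile(r"\[PASTE ([^\]]+)\]")
ROLE = re.compile(r"^(You are|Act as) ", re.IGNORECASE)


def placeholders(template):
    """Names of every [PASTE ...] slot, in order of appearance."""
    return PLACEHOLDER.findall(template)


def render(template, variables):
    """Fill every slot from `variables`; never emit a prompt with an empty slot."""
    missing = [p for p in placeholders(template) if p not in variables]
    if missing:
        raise KeyError(f"unfilled placeholders: {missing}")
    return PLACEHOLDER.sub(lambda m: variables[m.group(1)], template)


def lint(prompt):
    """Best-practice violations: missing role, constraints, output format, or a leftover slot."""
    findings = []
    lines = [ln for ln in prompt.splitlines() if ln.strip()]
    if not lines or not ROLE.match(lines[0]):
        findings.append("role not defined on first line")
    if "Constraints:" not in prompt and "Do not " not in prompt:
        findings.append("no constraints to limit speculation")
    if "Output" not in prompt:
        findings.append("output format not specified")
    if PLACEHOLDER.search(prompt):
        findings.append("unfilled [PASTE ...] placeholder")
    return findings


def build(name, variables):
    """Render a playbook entry and lint it; returns (prompt, findings)."""
    prompt = render(PLAYBOOK[name], variables)
    return prompt, lint(prompt)
```

Each template in the library can be added to PLAYBOOK as-is, since the linter keys on the same role, constraints and output-format lines the templates already use.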
