From security-scanning
Map identified threats to appropriate security controls and mitigations for prioritizing security investments, creating remediation plans, or validating control effectiveness.
How this skill is triggered — by the user, by Claude, or both
Slash command
/security-scanning:threat-mitigation-mappingThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Connect threats to controls for effective security planning.
Connect threats to controls for effective security planning.
Preventive ────► Stop attacks before they occur
│ (Firewall, Input validation)
│
Detective ─────► Identify attacks in progress
│ (IDS, Log monitoring)
│
Corrective ────► Respond and recover from attacks
(Incident response, Backup restore)
| Layer | Examples |
|---|---|
| Network | Firewall, WAF, DDoS protection |
| Application | Input validation, authentication |
| Data | Encryption, access controls |
| Endpoint | EDR, patch management |
| Process | Security training, incident response |
┌──────────────────────┐
│ Perimeter │ ← Firewall, WAF
│ ┌──────────────┐ │
│ │ Network │ │ ← Segmentation, IDS
│ │ ┌────────┐ │ │
│ │ │ Host │ │ │ ← EDR, Hardening
│ │ │ ┌────┐ │ │ │
│ │ │ │App │ │ │ │ ← Auth, Validation
│ │ │ │Data│ │ │ │ ← Encryption
│ │ │ └────┘ │ │ │
│ │ └────────┘ │ │
│ └──────────────┘ │
└──────────────────────┘
Full template library and detailed mitigation/control mappings live in references/details.md. Read that file when you need the concrete templates for: Mitigation Model, Defense in Depth scoring, Executive Summary scaffolding, Critical Gaps reporting, Recommendations, Implementation Roadmap, Results by Control.
npx claudepluginhub wshobson/agents --plugin security-scanning3plugins reuse this skill
First indexed Jul 7, 2026
Map identified threats to appropriate security controls and mitigations for prioritizing security investments, creating remediation plans, or validating control effectiveness.
Maps identified threats to security controls and mitigations for prioritization, remediation planning, and control validation.
Maps identified threats to security controls and mitigations for remediation planning, investment prioritization, and defense-in-depth validation.