// THREAT DETECTION AND DATA PRIVACY TERM

Skill

A skill is a specific, observable action that an attacker uses to achieve a goal during a cyberattack. It's a single, defined procedure, like using a particular command to steal credentials from memory.


TECHNICAL DEFINITION

In cybersecurity incident response and threat intelligence, a 'skill' refers to a granular, atomic adversary technique or procedure used to accomplish a tactical objective within an attack lifecycle. These skills are often mapped to frameworks like MITRE ATT&CK (as techniques or sub-techniques) and are used in SOAR platforms to trigger automated defensive playbooks.

BACKGROUND

In computer security, Capture the Flag (CTF) is an exercise in which participants attempt to find text strings, called "flags", which are secretly hidden in purposefully vulnerable programs or websites. They can be used for either competitive or educational purposes. In the two main variations of CTFs, participants steal flags either from other participants or from the organizers. A mixed competition combines these two styles. Competitions can include hiding flags in hardware devices, can be held online or in person, and can be advanced or entry-level. The game is inspired by the traditional outdoor sport of the same name. CTFs are used as a tool for developing and refining cybersecurity skills, making them popular in both professional and academic settings.


SYNONYMS & ALIASES

  • Technique
  • Procedure
  • TTP
  • Attack Pattern
  • Adversary Action
  • Sub-technique
  • Play

USAGE NOTE

The term is frequently used in SOAR and XDR platforms to describe the specific adversary behavior that a defensive playbook is designed to counter.

DEVELOPERS

Organizations developing technology related to Skill.

  • Immersive Labs

    Develops a human cyber readiness platform that uses gamified, hands-on labs to upskill and assess the cybersecurity capabilities of individuals and teams.

  • Hack The Box

    An online cybersecurity training platform that allows individuals and organizations to level up their penetration testing and cyber defense skills through a gamified, hands-on environment.

  • RangeForce

    Provides a cloud-based, interactive platform for hands-on cybersecurity skills development, focused on training for SOC analysts, cloud security engineers, and other defensive roles.

  • Cyberbit

    Creator of a hyper-realistic cyber range platform that provides simulated training for cybersecurity professionals, enabling them to practice responding to complex, real-world cyberattacks.

  • Offensive Security

    An information security training company that provides hands-on penetration testing training and certifications (like the OSCP) through challenging lab environments that demand practical skill application.

  • SANS Institute

    A leading organization for information security training and certification, which develops and operates sophisticated cyber ranges like NetWars for hands-on skill validation and competitive training exercises.

  • TryHackMe

    An online platform that teaches cybersecurity through short, gamified, real-world labs. It provides guided learning paths and hands-on challenges accessible through a web browser.

RELATED TERMS IN INCIDENT RESPONSE