II.
SkillArea JSON
Structured · liveskill-area:security-monitoring-siem
Security Monitoring and SIEM json
Inspect the normalized record payload exactly as the atlas UI reads it.
{
"id": "skill-area:security-monitoring-siem",
"_kind": "SkillArea",
"_file": "domain/skill-areas/curated-domain-task-skill-areas.yaml",
"_cluster": "domain",
"attributes": {
"displayName": "Security Monitoring and SIEM",
"description": "Operating security telemetry and detections - event ingestion,\ncorrelation, alert fidelity, and investigation-friendly signal design.\n",
"domains": [
"domain:cybersecurity",
"domain:observability"
],
"expertiseLevels": [
"intermediate",
"expert"
]
},
"outgoingEdges": [
{
"from": "skill-area:security-monitoring-siem",
"to": "domain:cybersecurity",
"kind": "applies_to",
"attributes": {
"confidence": "primary"
}
},
{
"from": "skill-area:security-monitoring-siem",
"to": "domain:observability",
"kind": "applies_to",
"attributes": {
"confidence": "secondary"
}
},
{
"from": "skill-area:security-monitoring-siem",
"to": "skill-area:observability-pipeline",
"kind": "requires_skill_area"
}
],
"incomingEdges": [
{
"from": "skill-area:application-security",
"to": "skill-area:security-monitoring-siem",
"kind": "prerequisite_for_learning",
"attributes": {
"strength": "recommended"
}
},
{
"from": "stack-profile:siem-platform",
"to": "skill-area:security-monitoring-siem",
"kind": "requires_skill_area"
},
{
"from": "lib-agent:security-compliance--forensic-analysis-agent",
"to": "skill-area:security-monitoring-siem",
"kind": "lib_requires_skill_area",
"attributes": {
"weight": 0.7
}
},
{
"from": "lib-agent:security-compliance--incident-triage-agent",
"to": "skill-area:security-monitoring-siem",
"kind": "lib_requires_skill_area",
"attributes": {
"weight": 0.7
}
},
{
"from": "lib-agent:security-compliance--threat-intelligence-agent",
"to": "skill-area:security-monitoring-siem",
"kind": "lib_requires_skill_area",
"attributes": {
"weight": 0.7
}
},
{
"from": "lib-agent:security-research--threat-intel-analyst",
"to": "skill-area:security-monitoring-siem",
"kind": "lib_requires_skill_area",
"attributes": {
"weight": 0.7
}
},
{
"from": "lib-skill:security-compliance--soc2-compliance-automator",
"to": "skill-area:security-monitoring-siem",
"kind": "lib_requires_skill_area",
"attributes": {
"weight": 0.7
}
},
{
"from": "lib-skill:security-compliance--vendor-risk-monitor",
"to": "skill-area:security-monitoring-siem",
"kind": "lib_requires_skill_area",
"attributes": {
"weight": 0.7
}
},
{
"from": "lib-skill:security-research--incident-forensics",
"to": "skill-area:security-monitoring-siem",
"kind": "lib_requires_skill_area",
"attributes": {
"weight": 0.7
}
},
{
"from": "lib-skill:security-research--stix-taxii",
"to": "skill-area:security-monitoring-siem",
"kind": "lib_requires_skill_area",
"attributes": {
"weight": 0.7
}
},
{
"from": "responsibility:security-incident-triage",
"to": "skill-area:security-monitoring-siem",
"kind": "requires_expertise",
"attributes": {}
},
{
"from": "role:soc-analyst",
"to": "skill-area:security-monitoring-siem",
"kind": "requires_expertise",
"attributes": {}
},
{
"from": "role:blue-team-lead",
"to": "skill-area:security-monitoring-siem",
"kind": "requires_expertise",
"attributes": {}
},
{
"from": "workflow:security-incident-response",
"to": "skill-area:security-monitoring-siem",
"kind": "requires_skill_area",
"attributes": {}
}
]
}