II.
SkillArea JSON
Structured · liveskill-area:threat-detection
Threat Detection json
Inspect the normalized record payload exactly as the atlas UI reads it.
{
"id": "skill-area:threat-detection",
"_kind": "SkillArea",
"_file": "domain/skill-areas/skill-areas-ecosystem-expansion.yaml",
"_cluster": "domain",
"attributes": {
"displayName": "Threat Detection",
"description": "Identifying malicious activity across infrastructure and applications —\nSIEM integration, behavioral analytics, IOC correlation, and automated\nalert triage to accelerate incident detection and response.\n",
"domains": [
"domain:cybersecurity"
],
"expertiseLevels": [
"intermediate",
"expert"
]
},
"outgoingEdges": [
{
"from": "skill-area:threat-detection",
"to": "domain:cybersecurity",
"kind": "applies_to",
"attributes": {
"confidence": "primary"
}
}
],
"incomingEdges": [
{
"from": "skill-area:network-security",
"to": "skill-area:threat-detection",
"kind": "prerequisite_for_learning",
"attributes": {
"strength": "recommended"
}
},
{
"from": "specialization:fraud-prevention",
"to": "skill-area:threat-detection",
"kind": "contains"
},
{
"from": "stack-profile:security-operations",
"to": "skill-area:threat-detection",
"kind": "requires_skill_area"
},
{
"from": "stack-profile:siem-platform",
"to": "skill-area:threat-detection",
"kind": "requires_skill_area"
},
{
"from": "tool:falco",
"to": "skill-area:threat-detection",
"kind": "tool_used_by",
"attributes": {}
},
{
"from": "role:threat-analyst",
"to": "skill-area:threat-detection",
"kind": "requires_expertise",
"attributes": {}
},
{
"from": "role:blue-team-lead",
"to": "skill-area:threat-detection",
"kind": "requires_expertise",
"attributes": {}
}
]
}