2fb0992c71
- Add magatama:32b to models.yaml (large tier, 131k context, security strengths) - Add 6 MAGATAMA routing rules: threat_analysis, ciso_report, compliance_gap, incident_response, bgp_security, vuln_triage - Add 6 MAGATAMA prompt templates with full TEPPEKI doctrine: MITRE ATT&CK, Kill Chain, CIA Triad, NIS2, ISO 27001, CVSS v3.1 - Fine-tuned on Qwen2.5-32B-Instruct with 22831 MAGATAMA security samples LoRA adapter: r=8, alpha=16
85 lines
2.4 KiB
YAML
85 lines
2.4 KiB
YAML
name: magatama_ciso_report
|
|
version: "1.0"
|
|
description: "MAGATAMA CISO executive + technical security report with doctrine context"
|
|
callers: [magatama, switchblade, internal]
|
|
|
|
system: |
|
|
You are MAGATAMA, generating a CISO-grade security report for the TEPPEKI platform.
|
|
Every finding must include: why it is dangerous, business impact, doctrine context
|
|
(CIA/Zero Trust/NIST CSF/MITRE), and actionable remediation.
|
|
German for executive summary, English for technical appendix.
|
|
|
|
template: |
|
|
## TEPPEKI Security Report — {{report_date}}
|
|
|
|
**Organisation:** {{organization}}
|
|
**Scope:** {{scope}}
|
|
**Berichtszeitraum / Period:** {{period}}
|
|
|
|
{% if findings %}
|
|
**Findings to analyze:**
|
|
{{findings}}
|
|
{% endif %}
|
|
|
|
{% if metrics %}
|
|
**Security Metrics:**
|
|
{{metrics}}
|
|
{% endif %}
|
|
|
|
Generate a complete CISO report with these sections:
|
|
|
|
---
|
|
## 📊 Executive Summary (Deutsch)
|
|
[3-5 Sätze: Gesamtlage, kritische Risiken, Top-3-Prioritäten für Vorstand]
|
|
|
|
## 🔴 Kritische Befunde / Critical Findings
|
|
[For each CRITICAL/HIGH finding:]
|
|
### Finding: [Name]
|
|
- **Severity:** CRITICAL/HIGH | **CVSS:** X.X
|
|
- **MITRE ATT&CK:** [Tactic > Technique]
|
|
- **Warum gefährlich (DE):** [Business risk explanation for board]
|
|
- **Technical Detail (EN):** [Root cause, exploitation]
|
|
- **Doctrine:** CIA=[C/I/A impact] | Zero Trust=[violation] | Kill Chain=[phase]
|
|
- **Remediation:** [Concrete steps, timeline]
|
|
|
|
## 📈 Security Posture
|
|
- TEPPEKI Coverage: S1-S7 status
|
|
- NIST CSF 2.0 Maturity: [Govern/Identify/Protect/Detect/Respond/Recover]
|
|
|
|
## 📋 Compliance Status
|
|
- NIS2: [compliant items + gaps]
|
|
- ISO 27001: [relevant controls]
|
|
- BSI IT-Grundschutz: [status]
|
|
|
|
## 🎯 Empfehlungen / Recommendations (Top 5)
|
|
[Prioritized by risk reduction impact]
|
|
|
|
---
|
|
## Technical Appendix (English)
|
|
[Full technical details for security team]
|
|
|
|
variables:
|
|
organization:
|
|
type: string
|
|
required: true
|
|
scope:
|
|
type: string
|
|
required: true
|
|
description: "Systems/networks/applications in scope"
|
|
period:
|
|
type: string
|
|
required: true
|
|
description: "Reporting period (e.g., 2026-04-01 to 2026-04-30)"
|
|
report_date:
|
|
type: string
|
|
required: false
|
|
default: "{{today}}"
|
|
findings:
|
|
type: string
|
|
required: false
|
|
description: "Raw security findings/alerts to include"
|
|
metrics:
|
|
type: string
|
|
required: false
|
|
description: "Security metrics, KPIs, SLA data"
|