📦 Ransomware Preventer — Ransomware Protection

v1.0.0

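A multi-layered ransomware defense strategy platform that generates personalized protection recommendations from organizational assessment data (including size, industry, security posture, deployed systems, and existing security tools). It is intended for security teams, MSSPs, enterprise risk managers, and cybersecurity consultants, helping them quickly assess ransomware vulnerabilities and deliver data-driven defense strategies to stakeholders.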

by @krishnakumarmahadevan-cmd (ToolWeb)·MIT-0
License: MIT-0
Last updated: 2026/3/24
Security scan
VirusTotal: benign
OpenClaw: suspicious (medium confidence)
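The skill's documentation describes a networked "Ransomware Preventer" API, but the package contains only documentation and an OpenAPI specification, with no server/endpoint or installer. This mismatch and the lack of provenance information mean you should verify exactly how it is invoked and where the data goes before using it.
Security is layered; review the code before running it.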

License

MIT-0

Free to use, modify, and redistribute, with no attribution required.

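Runtime dependencies

No special dependencies

Version

latest · v1.0.0 · 2026/3/24

Ransomware Preventer 1.0.0 — Initial release: introduces a platform that generates personalized, multi-layered ransomware defense strategies from organizational assessment data; provides endpoint documentation for health checks and defense strategy generation; supports detailed risk analysis, gap assessment, and tailored recommendations across the prevention, detection, response, and recovery layers; designed to integrate seamlessly with existing security and threat intelligence workflows; offers tiered pricing plans, including a free option for limited use.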


Install command

Official: npx clawhub@latest install ransomware-preventer
🇨🇳 Mirror (accelerated): npx clawhub@latest install ransomware-preventer --registry https://cn.longxiaskill.com

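Skill documentation

Ransomware Preventer is a sophisticated security API designed to help organizations develop and implement comprehensive defense strategies against ransomware threats. By analyzing your organization's unique characteristics, including size, industry vertical, current security posture, deployed systems, and existing security tools, the platform generates personalized, multi-layered defense recommendations based on your specific risk profile and operating environment.

The API is well suited to security teams, managed security service providers (MSSPs), enterprise risk managers, and cybersecurity consultants who need to quickly assess ransomware vulnerabilities and deliver data-driven defense strategies to stakeholders. Whether you are protecting a small business or a large enterprise in critical infrastructure, healthcare, finance, or another high-risk industry, Ransomware Preventer provides actionable intelligence to strengthen your ransomware resilience.

Key features include real-time assessment processing, contextual defense strategy generation, session tracking for audit trails, and an integration-ready API design that fits seamlessly into security orchestration platforms and threat intelligence workflows.

Usage

Example request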

{
  "assessmentData": {
    "organizationSize": "enterprise",
    "industry": "financial_services",
    "securityPosture": "mature",
    "systems": [
      "Active Directory",
      "Exchange Server",
      "SQL Server",
      "SharePoint",
      "VPN Gateway"
    ],
    "existingTools": "Sentinel One EDR, Fortinet FortiGate, Splunk SIEM",
    "sessionId": "sess_a7f3c9e2d1b4",
    "timestamp": "2024-01-15T14:32:00Z"
  },
  "sessionId": "sess_a7f3c9e2d1b4",
  "userId": 12847,
  "timestamp": "2024-01-15T14:32:00Z"
}

Example response

{
  "strategyId": "strat_8f2e9c1a5d3b",
  "sessionId": "sess_a7f3c9e2d1b4",
  "organizationProfile": {
    "size": "enterprise",
    "industry": "financial_services",
    "riskLevel": "high",
    "complianceRequirements": [
      "PCI-DSS",
      "SOX",
      "GLBA"
    ]
  },
  "defenseStrategy": {
    "preventionLayer": {
      "priority": "critical",
      "recommendations": [
        {
          "control": "Email Security Gateway",
          "rationale": "Block malicious attachments and phishing vectors",
          "implementation": "Deploy advanced threat protection with sandbox analysis"
        },
        {
          "control": "Application Whitelisting",
          "rationale": "Prevent unauthorized executable execution",
          "implementation": "Implement on critical servers and workstations"
        }
      ]
    },
    "detectionLayer": {
      "priority": "critical",
      "recommendations": [
        {
          "control": "File Integrity Monitoring",
          "rationale": "Detect unauthorized file modifications in real-time",
          "implementation": "Monitor system directories and shared drives"
        },
        {
          "control": "Behavioral Analytics",
          "rationale": "Identify anomalous file access patterns",
          "implementation": "Enhance EDR with UEBA capabilities"
        }
      ]
    },
    "responseLayer": {
      "priority": "high",
      "recommendations": [
        {
          "control": "Incident Response Plan",
          "rationale": "Minimize dwell time and impact",
          "implementation": "Test quarterly; include ransomware playbook"
        },
        {
          "control": "Immutable Backups",
          "rationale": "Ensure recovery capability independent of primary systems",
          "implementation": "Air-gapped backup infrastructure with 3-2-1 strategy"
        }
      ]
    },
    "recoveryLayer": {
      "priority": "high",
      "recommendations": [
        {
          "control": "Disaster Recovery Plan",
          "rationale": "Restore operations within defined RTO/RPO",
          "implementation": "Test recovery procedures; maintain offline documentation"
        }
      ]
    }
  },
  "gapAnalysis": {
    "currentCoverage": 72,
    "recommendedCoverage": 95,
    "criticalGaps": [
      "Immutable backup infrastructure",
      "Advanced email threat protection",
      "File integrity monitoring"
    ]
  },
  "timeline": "2024-01-15T14:32:15Z",
  "confidence": 0.92
}

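Endpoints

GET /

Root endpoint

Returns basic API information and service status.

Parameters:

Response: JSON object containing service metadata


GET /health

Health check

Verifies API availability and operational status. Used for monitoring and uptime checks.

Parameters:

Response: JSON object indicating health status


POST /api/ransomware/preventer

Generate defense strategy

Generates a personalized, multi-layered ransomware defense strategy from your organization's assessment data.

Parameters:

| Name | Type | Required | Description |
|---|---|---|---|
| assessmentData | object | | Organization assessment details |
| assessmentData.organizationSize | string | | Organization size (e.g. "small", "medium", "enterprise") |
| assessmentData.industry | string | | Industry vertical (e.g. "financial_services", "healthcare", "manufacturing") |
| assessmentData.securityPosture | string | | Current security maturity level (e.g. "basic", "intermediate", "mature", "advanced") |
| assessmentData.systems | array of string | | List of deployed systems and platforms (e.g. "Active Directory", "Exchange Server", "SQL Server") |
| assessmentData.existingTools | string | | Description of currently deployed security tools and solutions |
| assessmentData.sessionId | string | | Unique session identifier for the audit trail |
| assessmentData.timestamp | string | | ISO 8601 timestamp of when the assessment data was collected |
| sessionId | string | | Unique session identifier matching assessmentData.sessionId |
| userId | integer or null | | Optional user identifier for multi-user tracking |
| timestamp | string | | ISO 8601 timestamp of the request |

Response format: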

{
  "strategyId": "string",
  "sessionId": "string",
  "organizationProfile": {
    "size": "string",
    "industry": "string",
    "riskLevel": "string",
    "complianceRequirements": ["string"]
  },
  "defenseStrategy": {
    "preventionLayer": {
      "priority": "string",
      "recommendations": [
        {
          "control": "string",
          "rationale": "string",
          "implementation": "string"
        }
      ]
    },
    "detectionLayer": {
      "priority": "string",
      "recommendations": [
        {
          "control": "string",
          "rationale": "string",
          "implementation": "string"
        }
      ]
    },
    "responseLayer": {
      "priority": "string",
      "recommendations": [
        {
          "control": "string",
          "rationale": "string",
          "implementation": "string"
        }
      ]
    },
    "recoveryLayer": {
      "priority": "string",
      "recommendations": [
        {
          "control": "string",
          "rationale": "string",
          "implementation": "string"
        }
      ]
    }
  },
  "gapAnalysis": {
    "currentCoverage": "number",
    "recommendedCoverage": "number",
    "criticalGaps": ["string"]
  },
  "timeline": "string",
  "confidence": "number"
}

Error responses:

  • 422 Validation Error: request body validation failed. Check the required fields and data types.
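
A pre-flight check for the request body, written from the parameter table above so that malformed input is caught locally rather than as a 422. This is an added example, not code from the skill package; `validate_request` and its helpers are hypothetical names, and it assumes every documented field except `userId` is required.

```python
from datetime import datetime

# Types from the parameter table. ASSUMPTION: all fields except userId are required.
ASSESSMENT_FIELDS = {
    "organizationSize": str, "industry": str, "securityPosture": str,
    "systems": list, "existingTools": str, "sessionId": str, "timestamp": str,
}
TOP_LEVEL_FIELDS = {"assessmentData": dict, "sessionId": str, "timestamp": str}

def _is_iso8601(value):
    """True if value parses as an ISO 8601 timestamp (trailing 'Z' allowed)."""
    try:
        datetime.fromisoformat(value.replace("Z", "+00:00"))
        return True
    except ValueError:
        return False

def _check_fields(obj, spec, prefix, errors):
    """Record missing or wrongly typed fields of obj against spec."""
    for name, expected in spec.items():
        if name not in obj:
            errors.append(f"{prefix}{name}: missing")
        elif not isinstance(obj[name], expected):
            errors.append(f"{prefix}{name}: expected {expected.__name__}")

def validate_request(body):
    """Return a list of problems; an empty list means the body matches the table."""
    errors = []
    if not isinstance(body, dict):
        return ["body: expected a JSON object"]
    _check_fields(body, TOP_LEVEL_FIELDS, "", errors)
    data = body.get("assessmentData")
    if isinstance(data, dict):
        _check_fields(data, ASSESSMENT_FIELDS, "assessmentData.", errors)
        systems = data.get("systems")
        if isinstance(systems, list) and not all(isinstance(s, str) for s in systems):
            errors.append("assessmentData.systems: every item must be a string")
        # The table says the two session identifiers must match.
        if isinstance(data.get("sessionId"), str) and data["sessionId"] != body.get("sessionId"):
            errors.append("sessionId: does not match assessmentData.sessionId")
        if isinstance(data.get("timestamp"), str) and not _is_iso8601(data["timestamp"]):
            errors.append("assessmentData.timestamp: not ISO 8601")
    if isinstance(body.get("timestamp"), str) and not _is_iso8601(body["timestamp"]):
        errors.append("timestamp: not ISO 8601")
    # userId is integer or null; bool is an int subclass in Python, so reject it.
    user_id = body.get("userId")
    if user_id is not None and (isinstance(user_id, bool) or not isinstance(user_id, int)):
        errors.append("userId: expected integer or null")
    return errors
```

Run it on the JSON you are about to POST and send the request only when the returned list is empty.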

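Pricing

| Plan | Daily calls | Monthly calls | Price |
|---|---|---|---|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/month |
| Professional | 200 | 5,000 | $99/month |
| Enterprise | 100,000 | 1,000,000 | $299/month |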

About ToolWeb.in

  • 200+ security APIs, CISSP & CISM, platforms: pay-per-use, API gateway, MCP Server, OpenClaw, RapidAPI, YouTube.

References

  • Kong route: https://api.mkkpro.com/security/ransomware-preventer
  • API documentation: https://api.mkkpro.com:8078/docs
Data source: ClawHub · Chinese localization: 龙虾技能库