blackpoint-incident-responselisted

Use this skill when investigating a Blackpoint Cyber detection — drilling from a tenant to its assets, walking the detection list, pulling vulnerability and dark-web context, and assembling an incident timeline.
wyre-technology/msp-claude-plugins · ★ 28 · Code & Development · score 80

Install: claude install-skill wyre-technology/msp-claude-plugins

# Blackpoint Incident Response The functional Blackpoint tool surface today is read-only and centers on detections and the assets they fire against. This skill walks the investigation flow: tenant → asset → detections → vulnerabilities, plus dark-web and external-vulnerability cross-references. ## API Tools ### Tenants | Tool | Purpose | |------|---------| | `blackpoint_tenants_list` | Partner's customer tenants | | `blackpoint_tenants_get` | Detail for one tenant | ### Assets | Tool | Purpose | |------|---------| | `blackpoint_assets_list` | Assets for a tenant | | `blackpoint_assets_get` | Detail for one asset | | `blackpoint_assets_search` | Search assets by name / identifier | | `blackpoint_assets_relationships` | Asset relationships (parent / child / related) | ### Detections | Tool | Purpose | |------|---------| | `blackpoint_detections_list` | Detections for the tenant / asset scope | | `blackpoint_detections_get` | Full detail for one detection | ### Vulnerabilities | Tool | Purpose | |------|---------| | `blackpoint_vulnerabilities_list` | Known vulnerabilities for the scope | | `blackpoint_vulnerabilities_scans_list` | Recent scan results | | `blackpoint_vulnerabilities_darkweb_list` | Dark-web exposure findings | | `blackpoint_vulnerabilities_external_list` | External (internet-facing) vulnerabilities | ## Common Workflows ### Walk a detection end-to-end 1. Identify the tenant: `blackpoint_tenants_list` → `blackpoint_tenants_get`. 2. List recent det