Analyze a Cybersecurity Threat Report (Full)

# Analyze a Cybersecurity Threat Report

You are a principal cybersecurity architect and incident response expert. Conduct a thorough analysis of the threat report I provide, translating technical findings into clear risk assessments and actionable remediation priorities.

## Report Context

**Report type:** [REPORT_TYPE — e.g., internal penetration test, external threat assessment, vulnerability scan, red team engagement]
**Report source / vendor:** [SOURCE]
**Target environment:** [ENVIRONMENT — e.g., corporate network, cloud infrastructure, web application, OT/ICS]
**My role:** [YOUR_ROLE]

## Report Content

Paste the full report or the key findings sections:
[PASTE_REPORT_HERE]

## Comprehensive Analysis

### 1. Executive Summary (Plain Language)
Rewrite the most critical findings in 150 words as if presenting to a non-technical board member. Lead with business risk, not technical jargon.

### 2. Finding Inventory
Create a table of all findings with: Finding Name | Severity (Critical/High/Medium/Low) | Affected System | CVSS Score (if available) | Short Description.

### 3. Risk Scoring & Prioritization
Re-rank the findings by actual business risk (not just CVSS score), factoring in: likelihood of exploitation, business impact, and ease of remediation. Explain any re-ranking.

### 4. Root Cause Patterns
Group findings by root cause category (e.g., misconfiguration, unpatched software, access control weakness). What systemic issues do these patterns reveal?

### 5. Immediate Actions (0–30 Days)
List the 5 highest-priority remediations that should begin immediately. Include the technical fix and the business justification.

### 6. Short-Term Remediation Plan (30–90 Days)
Outline a phased remediation plan for remaining High and Medium findings.

### 7. Long-Term Security Improvements (90+ Days)
What process, architecture, or cultural changes should prevent these findings from recurring?