Skill UI

A specialized skill designed to assist in drafting professional and structured internal communications. It provides guidelines and formats for various corporate documents, including 3P updates (Progress, Plans, Problems), company newsletters, status reports, FAQ responses, and incident reports. Use this skill to ensure consistency in tone and structure across all internal messaging.

Guides growth-stage companies through CISO-level security programs by quantifying risks in dollars, sequencing compliance (SOC 2/ISO 27001/HIPAA/GDPR), architecting zero-trust defenses, leading incident response, and translating budgets for boards or sales conversations.

A comprehensive guide for proactive threat hunting and incident response, detailing how to detect Pass-the-Hash attacks. It involves analyzing NTLM authentication patterns, identifying suspicious Type 3 logons, and correlating these anomalies with credential dumping techniques using SIEM/EDR tools.

This guide details a systematic methodology for proactive threat hunting across Windows endpoints. It focuses on identifying various adversary persistence techniques, such as registry modifications (Run Keys), malicious services, WMI event subscriptions, and scheduled tasks. It is essential for incident response, security audits, and improving detection coverage against dormant backdoors.

A detailed guide for conducting professional disk forensics investigations, covering the entire lifecycle from evidence acquisition to artifact analysis. This includes establishing a strict chain of custody, performing bit-for-bit forensic imaging using write blockers, identifying file system structures (MFT, inodes), recovering deleted files, analyzing key artifacts (Prefetch, Amcache), and reconstructing precise timelines of activity for incident response cases.

A structured playbook for diagnosing and resolving critical disruptions within the Navan travel platform. It guides users through severity classification (P1-P4), utilizing built-in AI assistants (Ava), and performing essential API health checks using tools like curl and jq. This runbook ensures a systematic approach to handling failures related to bookings, OAuth tokens, and expense syncing, minimizing downtime and providing clear escalation paths.

This skill simulates a comprehensive auditor pressure test for any Information Security Management System (ISMS) against ISO 27001 standards. It forces interrogation on six critical areas—including scope, risk management, access control, and incident response—ensuring compliance and readiness before internal audits, Stage 1 certification, or surveillance audits.