Skill UI

This guide details the implementation of device posture assessment for robust Zero Trust Access Control. It outlines how to integrate endpoint health signals from multiple security platforms (CrowdStrike ZTA, Intune, Jamf) into conditional access policies. Users can enforce stringent compliance requirements—such as disk encryption, OS patch levels, and security sensor status—to ensure only compliant devices gain access to corporate resources.

This skill guides the implementation of full disk encryption using Microsoft BitLocker on Windows endpoints. It covers best practices for deploying encryption via GPO, Intune, and command line, ensuring data-at-rest protection. Use this when meeting compliance requirements (PCI, HIPAA) or securing mobile workstations against physical loss or theft.

This guide details the implementation of SPF, DKIM, and DMARC—the three core pillars of email authentication. It provides a comprehensive workflow, including DNS record setup and best practices, to prevent domain spoofing, validate message integrity, and enforce strong anti-phishing policies across your organization's email system. Essential for building robust email security architecture.

This skill guides the implementation of email sandboxing using Proofpoint Targeted Attack Protection (TAP). It covers configuring isolated detonations for suspicious attachments and URLs to detect zero-day malware, evasive phishing, and advanced threats. Learn to tune policies, monitor the TAP dashboard, and integrate findings with SIEM for robust email security architecture.

This comprehensive skill guides the deployment and configuration of Wazuh SIEM/XDR for robust endpoint monitoring. Users will learn to manage agents via the API, create custom decoders and rules (XML), query security alerts, and test rule logic, enabling organizations to establish strong security controls and automate incident response.

This skill guides the deployment and configuration of Data Loss Prevention (DLP) controls directly on endpoints. It detects and prevents the unauthorized exfiltration of sensitive data (PII, PHI, PCI) via common vectors like email, USB drives, cloud storage uploads, and printing. Use this when establishing compliance policies (HIPAA, GDPR) or securing data against internal data movement risks.

This skill guides the implementation of File Integrity Monitoring (FIM) using AIDE (Advanced Intrusion Detection Environment). It covers setting up AIDE configurations, creating initial baselines, performing scheduled integrity checks, and parsing detailed change reports. This is essential for maintaining strong security controls, meeting compliance requirements, and detecting unauthorized system modifications on Linux environments.

Binary Authorization is a critical Google Cloud security control that enforces policy-based deployment rules. It mandates that only container images with valid cryptographic attestations (proof of successful vulnerability scanning, code reviews, etc.) can be deployed to GKE or Cloud Run. Use this guide to establish robust supply chain security and compliance controls for your cloud-native applications.

A comprehensive guide for implementing, auditing, and enforcing least-privilege firewall rules within Google Cloud Platform (GCP) VPC networks. This process ensures robust network segmentation, restricts unauthorized ingress and egress traffic, and enables the application of hierarchical firewall policies across an entire organization, significantly bolstering cloud security posture.

A comprehensive guide to implementing technical and organizational measures required by the General Data Protection Regulation (GDPR). This skill covers full lifecycle data protection, including Data Protection by Design, Data Protection Impact Assessments (DPIAs), managing data subject rights (e.g., right to erasure, portability), encryption, pseudonymization, and ensuring cross-border data transfer compliance.

This guide provides comprehensive security hardening procedures for enterprise Google Workspace environments. It covers advanced topics such as enforcing phishing-resistant Multi-Factor Authentication (MFA), configuring email authentication (DMARC/SPF/DKIM), implementing Data Loss Prevention (DLP), and securing super admin accounts using Advanced Protection Program enrollment. Ideal for achieving high compliance and defending against BEC and phishing attacks.

This guide details how to implement HashiCorp Vault's dynamic secrets engine. It automates the generation, lease management, and rotation of short-lived credentials for databases (e.g., PostgreSQL, MySQL), AWS IAM, and PKI certificates. This method eliminates the use of static, hardcoded secrets, enforcing zero-trust principles and meeting stringent compliance mandates like PCI-DSS.