Skill UI

This skill guides the deployment of canary tokens and honeytokens across critical systems, such as fake AWS credentials, DNS records, and document beacons. These decoys are designed to trigger immediate alerts via webhooks when accessed by attackers, serving as a powerful early warning system for breach detection and intrusion detection.

This guide details the process of deploying and configuring Tofino industrial firewalls for critical OT/ICS environments. It provides architectural blueprints and Python-based rule generators to implement deep packet inspection (DPI) for key industrial protocols like Modbus, EtherNet/IP, and S7comm. This ensures granular, protocol-aware access control and robust zone segmentation for safeguarding SCADA and PLCs.

Deploy SailPoint IdentityNow or IdentityIQ to establish robust identity governance and access administration. This comprehensive solution manages the entire identity lifecycle, facilitates access request workflows, conducts certification campaigns, performs role mining, and enforces Separation of Duties (SOD) policies, ensuring continuous compliance reporting for enterprise IAM environments.

This skill guides the implementation of continuous, risk-adaptive identity verification crucial for Zero Trust Architecture (ZTA). It covers deploying phishing-resistant MFA (FIDO2/WebAuthn), advanced risk-based conditional access policies, and identity governance strategies. Users learn how to move beyond traditional credentials by leveraging multiple signals—such as device posture, behavioral biometrics, and location context—to dynamically assess and enforce trust levels before granting access.

This skill guides the design and implementation of security zones and conduits for Industrial Automation and Control Systems (IACS) following IEC 62443-3-2 standards. It covers risk-based zone partitioning, defining security levels (SL-T), deploying microsegmentation using industrial firewalls, and validating the architecture against the Purdue Model.

This skill covers the architecture, design, and implementation of Just-In-Time (JIT) access provisioning. The goal is to eliminate standing privileges by granting temporary, time-bound access only when specific business needs arise. It guides users through designing robust approval workflows, integrating JIT with PAM and IGA platforms, and enforcing zero standing privilege (ZSP) principles to drastically reduce the attack surface and ensure compliance.

This guide provides a comprehensive deep dive into implementing advanced network segmentation and zero-trust security controls within Kubernetes clusters using Calico. It covers standard Kubernetes NetworkPolicy, utilizing Calico's GlobalNetworkPolicy, and defining security Tiers, ensuring fine-grained, least-privilege communication between pods, and establishing robust security architectures for compliance.

This guide details how to implement Kubernetes Pod Security Standards (PSS) using the Pod Security Admission (PSA) controller. PSS defines three mandatory security levels—Privileged, Baseline, and Restricted—for container workloads. It is essential for enhancing security posture, ensuring compliance, and migrating away from deprecated PodSecurityPolicy (PSP) controls by applying namespace labels and defining compliant pod specifications.

This skill provides comprehensive guidance on configuring Fluentd and Fluent Bit for centralized log collection, routing, filtering, and enrichment. It covers setting up lightweight log forwarders on endpoints and designing central aggregators that route data to SIEM tools, Elasticsearch, or Splunk. Essential for achieving observability and meeting strict security compliance requirements.

This skill provides a comprehensive guide to implementing advanced memory protection mechanisms on Windows endpoints. It covers critical techniques like Data Execution Prevention (DEP), Address Space Layout Randomization (ASLR), and Control Flow Guard (CFG). Use this when hardening systems against various memory corruption exploits, such as buffer overflows and ROP chains, to significantly boost overall security posture.

This guide details the implementation of microsegmentation using Akamai Guardicore, enabling organizations to map complex application dependencies, visualize east-west traffic flows, and enforce least-privilege network policies. It is crucial for achieving zero-trust compliance by preventing lateral movement across heterogeneous workloads in data centers, cloud environments, and Kubernetes clusters.

A comprehensive guide to implementing Mimecast Targeted Threat Protection (TTP). This suite defends against sophisticated phishing, spearphishing, and Business Email Compromise (BEC) attacks by integrating four core modules: URL Protect, Attachment Protect, Impersonation Protect, and Internal Email Protect. Follow the detailed workflow to secure your organizational communications and meet compliance standards.