Skill UI

This guide details how to implement Kubernetes Pod Security Standards (PSS) using the Pod Security Admission (PSA) controller. PSS defines three mandatory security levels—Privileged, Baseline, and Restricted—for container workloads. It is essential for enhancing security posture, ensuring compliance, and migrating away from deprecated PodSecurityPolicy (PSP) controls by applying namespace labels and defining compliant pod specifications.

This skill provides comprehensive guidance on configuring Fluentd and Fluent Bit for centralized log collection, routing, filtering, and enrichment. It covers setting up lightweight log forwarders on endpoints and designing central aggregators that route data to SIEM tools, Elasticsearch, or Splunk. Essential for achieving observability and meeting strict security compliance requirements.

This skill provides a comprehensive guide to implementing advanced memory protection mechanisms on Windows endpoints. It covers critical techniques like Data Execution Prevention (DEP), Address Space Layout Randomization (ASLR), and Control Flow Guard (CFG). Use this when hardening systems against various memory corruption exploits, such as buffer overflows and ROP chains, to significantly boost overall security posture.

This guide details the implementation of microsegmentation using Akamai Guardicore, enabling organizations to map complex application dependencies, visualize east-west traffic flows, and enforce least-privilege network policies. It is crucial for achieving zero-trust compliance by preventing lateral movement across heterogeneous workloads in data centers, cloud environments, and Kubernetes clusters.

A comprehensive guide to implementing Mimecast Targeted Threat Protection (TTP). This suite defends against sophisticated phishing, spearphishing, and Business Email Compromise (BEC) attacks by integrating four core modules: URL Protect, Attachment Protect, Impersonation Protect, and Internal Email Protect. Follow the detailed workflow to secure your organizational communications and meet compliance standards.

This skill guides the implementation of Mobile Application Management (MAM) policies, enabling robust data protection for corporate assets on both managed and unmanaged mobile devices (BYOD). It covers configuring app-level controls such as Data Loss Prevention (DLP), selective wiping, and containerization using platforms like Microsoft Intune and Azure AD. Use this when enforcing data separation between personal and work environments without requiring full device enrollment.

This skill guides the implementation and maintenance of compliance controls for North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) standards. It covers key areas including asset categorization (CIP-002), electronic security perimeters (CIP-005), system security management (CIP-007), and supply chain risk management. Use this when auditing, updating, or establishing compliance measures for Bulk Electric System (BES) cyber assets.

This guide details the implementation of robust network access control (NAC) using 802.1X, RADIUS authentication, and platforms like PacketFence. It enables identity-based access enforcement, performs endpoint posture assessment, and dynamically assigns users to appropriate VLANs. Ideal for achieving zero-trust architecture and meeting stringent compliance standards (e.g., PCI-DSS).

This skill details the deployment of Cisco Identity Services Engine (ISE) for comprehensive network access control. It utilizes 802.1X, MAC Authentication Bypass (MAB), and posture assessment to centralize policy enforcement. ISE acts as a RADIUS policy server, providing dynamic VLAN assignment, downloadable ACLs, and robust authentication for both wired and wireless enterprise environments.

A comprehensive guide for deploying and managing network deception systems using industry-leading honeypot platforms like OpenCanary, T-Pot, and Cowrie. This skill helps security professionals detect unauthorized access attempts, trace lateral movement, and gather critical threat intelligence by simulating vulnerable services within a controlled environment. Ideal for enhancing network security architecture and creating early warning indicators for intrusions.

Suricata is a high-performance, open-source network threat detection engine used for deep packet inspection. This skill details the deployment and configuration of Suricata in Intrusion Prevention System (IPS) mode. It covers setting up custom rules, integrating third-party rulesets (like Emerging Threats), and actively blocking malicious traffic in real time, making it essential for robust network security and compliance enforcement.

This guide details how to use Kubernetes NetworkPolicies to enforce granular, pod-level network segmentation. It covers establishing default deny rules, defining specific ingress and egress rules for services, and implementing zero-trust microsegmentation. Use this skill to build robust security architecture and prevent lateral movement within a container cluster.