Skill UI

This guide details how to use Kubernetes NetworkPolicies to enforce granular, pod-level network segmentation. It covers establishing default deny rules, defining specific ingress and egress rules for services, and implementing zero-trust microsegmentation. Use this skill to build robust security architecture and prevent lateral movement within a container cluster.

This skill guides the design and implementation of robust network segmentation using firewall zones, VLANs, ACLs, and microsegmentation. Learn to build secure, isolated zones (like DMZ, PCI CDE, Management) to enforce least-privilege access, restrict lateral movement, and meet stringent compliance requirements (PCI DSS, HIPAA).

This skill details the deployment of Privileged Access Management (PAM) for critical database systems, including Oracle, SQL Server, PostgreSQL, and MySQL. It covers essential security controls such as session proxy configuration, credential vaulting, query auditing, and enforcing least-privilege access, helping organizations meet stringent compliance and security standards.

This guide details the implementation of advanced, phishing-resistant, passwordless authentication using Microsoft Entra ID. It covers configuring FIDO2 security keys, Windows Hello for Business, and passkey support via Microsoft Authenticator. Use this skill to eliminate reliance on passwords, mitigate credential stuffing attacks, and satisfy strict regulatory mandates for modern identity access management.

A comprehensive guide to implementing PCI DSS 4.0.1 requirements for organizations handling cardholder data. This skill covers the full compliance lifecycle, from defining the Cardholder Data Environment (CDE) scope and hardening network security, to implementing advanced data encryption, access controls (MFA/RBAC), and continuous monitoring mechanisms.

This skill guides the deployment and comprehensive configuration of Rapid7 InsightVM. It covers setting up the Security Console and distributed Scan Engines for both authenticated and unauthenticated vulnerability scanning. Learn how to manage diverse scan templates (e.g., PCI, HIPAA), utilize various credential types (SSH, WMI), and integrate endpoint assessment for robust cybersecurity posture management.

This skill guides the implementation of Security Orchestration, Automation, and Response (SOAR) workflows using platforms like Splunk Phantom. It automates the entire incident lifecycle, including alert triage, IOC enrichment (via VirusTotal, CrowdStrike), containment actions, and ticket creation (ServiceNow). Ideal for SOC teams needing to reduce Mean Time To Respond (MTTR) and standardize complex security procedures across multiple tools.

This skill guides the deployment and configuration of a TAXII 2.1 server using OpenTAXII. It enables automated, standardized exchange of STIX-formatted cyber threat intelligence (CTI) indicators between organizations. Use cases include establishing secure threat sharing pipelines, integrating with SIEM/SOAR platforms, and meeting stringent compliance requirements.

This skill provides a comprehensive guide to implementing robust USB device control policies. It restricts unauthorized removable media access to mitigate data exfiltration risks and prevent malware introduction via USB endpoints. Learn how to deploy granular policies using Group Policy Objects (GPO), Microsoft Intune, or advanced Endpoint Detection and Response (EDR) platforms to meet strict compliance standards.

Utilize Velociraptor, an advanced open-source platform, to collect, query, and monitor forensic artifacts across diverse endpoints (Windows, Linux, macOS). This skill enables incident response teams to perform large-scale, rapid digital forensic investigations by collecting critical data such as event logs, registry entries, prefetch files, and network metadata using VQL queries.

A comprehensive guide to implementing Zero Trust Network Access (ZTNA) across major cloud platforms (AWS, Azure, GCP). This skill replaces traditional VPNs with identity-aware proxies, micro-segmentation, and conditional access policies. It ensures secure, context-aware access to cloud workloads, limiting lateral movement and adhering to BeyondCorp architectural principles.

This skill guides the end-to-end deployment of Zero Trust Network Access (ZTNA) using Zscaler Private Access (ZPA). It replaces traditional, perimeter-based VPNs by enforcing identity-based, context-aware microsegmentation. Learn to configure Identity Provider integration, deploy App Connectors, define granular application segments, and establish robust access policies for secure, outbound-only connections.