Skill UI

This skill guides the implementation of continuous, risk-adaptive identity verification crucial for Zero Trust Architecture (ZTA). It covers deploying phishing-resistant MFA (FIDO2/WebAuthn), advanced risk-based conditional access policies, and identity governance strategies. Users learn how to move beyond traditional credentials by leveraging multiple signals—such as device posture, behavioral biometrics, and location context—to dynamically assess and enforce trust levels before granting access.

This skill guides the design and implementation of security zones and conduits for Industrial Automation and Control Systems (IACS) following IEC 62443-3-2 standards. It covers risk-based zone partitioning, defining security levels (SL-T), deploying microsegmentation using industrial firewalls, and validating the architecture against the Purdue Model.

This skill details implementing a ransomware-resistant, immutable backup strategy using the restic tool. It leverages S3-compatible Object Lock (Compliance Mode) to ensure Write Once Read Many (WORM) storage, preventing deletion or modification by attackers. The process includes automated backup, cryptographic integrity verification (restic check), and scheduled restore testing, adhering to advanced security standards like 3-2-1-1-0.

This skill covers the architecture, design, and implementation of Just-In-Time (JIT) access provisioning. The goal is to eliminate standing privileges by granting temporary, time-bound access only when specific business needs arise. It guides users through designing robust approval workflows, integrating JIT with PAM and IGA platforms, and enforcing zero standing privilege (ZSP) principles to drastically reduce the attack surface and ensure compliance.

This guide provides a comprehensive deep dive into implementing advanced network segmentation and zero-trust security controls within Kubernetes clusters using Calico. It covers standard Kubernetes NetworkPolicy, utilizing Calico's GlobalNetworkPolicy, and defining security Tiers, ensuring fine-grained, least-privilege communication between pods, and establishing robust security architectures for compliance.

This guide details how to implement Kubernetes Pod Security Standards (PSS) using the Pod Security Admission (PSA) controller. PSS defines three mandatory security levels—Privileged, Baseline, and Restricted—for container workloads. It is essential for enhancing security posture, ensuring compliance, and migrating away from deprecated PodSecurityPolicy (PSP) controls by applying namespace labels and defining compliant pod specifications.

This skill provides comprehensive guidance on configuring Fluentd and Fluent Bit for centralized log collection, routing, filtering, and enrichment. It covers setting up lightweight log forwarders on endpoints and designing central aggregators that route data to SIEM tools, Elasticsearch, or Splunk. Essential for achieving observability and meeting strict security compliance requirements.

This skill provides a comprehensive guide to implementing advanced memory protection mechanisms on Windows endpoints. It covers critical techniques like Data Execution Prevention (DEP), Address Space Layout Randomization (ASLR), and Control Flow Guard (CFG). Use this when hardening systems against various memory corruption exploits, such as buffer overflows and ROP chains, to significantly boost overall security posture.

This guide details the implementation of microsegmentation using Akamai Guardicore, enabling organizations to map complex application dependencies, visualize east-west traffic flows, and enforce least-privilege network policies. It is crucial for achieving zero-trust compliance by preventing lateral movement across heterogeneous workloads in data centers, cloud environments, and Kubernetes clusters.

A comprehensive guide to implementing Mimecast Targeted Threat Protection (TTP). This suite defends against sophisticated phishing, spearphishing, and Business Email Compromise (BEC) attacks by integrating four core modules: URL Protect, Attachment Protect, Impersonation Protect, and Internal Email Protect. Follow the detailed workflow to secure your organizational communications and meet compliance standards.

This skill guides the implementation of Mobile Application Management (MAM) policies, enabling robust data protection for corporate assets on both managed and unmanaged mobile devices (BYOD). It covers configuring app-level controls such as Data Loss Prevention (DLP), selective wiping, and containerization using platforms like Microsoft Intune and Azure AD. Use this when enforcing data separation between personal and work environments without requiring full device enrollment.

This skill guides the implementation and maintenance of compliance controls for North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) standards. It covers key areas including asset categorization (CIP-002), electronic security perimeters (CIP-005), system security management (CIP-007), and supply chain risk management. Use this when auditing, updating, or establishing compliance measures for Bulk Electric System (BES) cyber assets.