Skill UI

The GCP Organization Policy Service allows administrators to enforce centralized security guardrails and governance policies across an entire resource hierarchy (organization, folder, project). By defining constraints (List, Boolean, Custom), users can restrict risky resource configurations, ensuring compliance with internal security standards and external regulations. Ideal for security architecture, compliance checks, and cloud governance implementation.

Deploy SailPoint IdentityNow or IdentityIQ to establish robust identity governance and access administration. This comprehensive solution manages the entire identity lifecycle, facilitates access request workflows, conducts certification campaigns, performs role mining, and enforces Separation of Duties (SOD) policies, ensuring continuous compliance reporting for enterprise IAM environments.

This skill guides the implementation of continuous, risk-adaptive identity verification crucial for Zero Trust Architecture (ZTA). It covers deploying phishing-resistant MFA (FIDO2/WebAuthn), advanced risk-based conditional access policies, and identity governance strategies. Users learn how to move beyond traditional credentials by leveraging multiple signals—such as device posture, behavioral biometrics, and location context—to dynamically assess and enforce trust levels before granting access.

This skill guides the implementation of automated security scanning for Infrastructure as Code (IaC) templates using industry-leading tools like Checkov and tfsec. It focuses on integrating security checks into CI/CD pipelines to detect misconfigurations (e.g., public buckets, open ports) in Terraform, CloudFormation, and Kubernetes manifests before they reach production, thereby enforcing policy-based governance and securing the development lifecycle.

This skill covers the complete lifecycle for establishing, implementing, and maintaining an Information Security Management System (ISMS) based on ISO/IEC 27001:2022. Users learn the full process, from initial gap analysis and risk assessment (including defining risk treatment plans) to selecting Annex A controls, developing the Statement of Applicability (SoA), conducting internal audits, and preparing for final certification. It is essential for organizations needing to achieve formal security compliance and robust governance.

This skill defines the process and framework for establishing mandatory Service Level Agreements (SLAs) for mitigating identified vulnerabilities. It guides users on how to calculate remediation timeframes based on vulnerability severity (CVSS, KEV), asset criticality (Tier 1, 2, 3), and exploit availability. The process includes setting up escalation chains, defining exception processes, and tracking key performance indicators (KPIs) like Mean Time to Remediate (MTTR) to ensure robust security governance and compliance.

This guide details the implementation of Zero Trust Architecture for securing Software as a Service (SaaS) applications. It leverages Conditional Access Policies, CASB (Cloud Access Security Broker), and Identity Governance to enforce strict identity verification, device compliance, and data loss prevention (DLP) across cloud environments (e.g., M365, Salesforce). It helps mitigate risks associated with shadow IT and excessive application permissions.

Automate and execute comprehensive access recertification campaigns within Saviynt Enterprise Identity Cloud. This process validates user entitlements against industry standards like SOX, SOC2, and HIPAA. It helps organizations mitigate security risks by identifying and revoking excessive or unnecessary access rights, ensuring robust identity governance and compliance.

A comprehensive guide detailing the process of performing entitlement reviews and access certification campaigns using SailPoint IdentityIQ. This skill is critical for maintaining compliance (SOX, HIPAA) by automating manager reviews, targeted privileged access validation, and identifying Separation of Duties (SOD) violations. It ensures robust access governance and facilitates automated remediation workflows.

This guide details the systematic process for reviewing high-privilege accounts, including Domain Admins, cloud IAM roles, and service accounts. It is a critical identity governance function designed to validate that users only retain the access they absolutely require, thereby enforcing the principle of least privilege. This review is mandatory for compliance frameworks like SOC 2, PCI DSS, and HIPAA, and involves discovery, validation, remediation, and continuous monitoring.

AegisOps-AI is a professional-grade 'Living Pipeline' that integrates advanced AI reasoning directly into the SDLC. It acts as an intelligent gatekeeper, automating high-stakes audits across three domains: identifying memory vulnerabilities in Linux Kernel patches, detecting massive cost drifts in Terraform plans, and translating natural language security intent into hardened Kubernetes manifests.

Helps teams treat prompts like production code by providing registry, eval, and governance workflows for versioning, testing, and promoting prompts safely across environments.