GitHub
Skills harvested from GitHub repositories
14810 skills available
monitoring-darkweb-sources
Use this skill when: Establishing continuous monitoring for organizational domain names, executive names, and product br...
managing-intelligence-lifecycle
Use this skill when: Establishing a formal CTI program and defining its operational model Conducting quarterly intellige...
managing-cloud-identity-with-okta
When centralizing authentication across AWS, Azure, and GCP console access through a single identity provider When imple...
investigating-phishing-email-incident
Use this skill when: A user reports a suspicious email via the phishing report button or helpdesk ticket Email security ...
investigating-insider-threat-indicators
Use this skill when: HR refers a departing employee for monitoring during their notice period DLP alerts indicate bulk d...
integrating-sast-into-github-actions-pipeline
When development teams need automated code-level vulnerability detection on every pull request When security teams requi...
implementing-zero-trust-with-hashicorp-boundary
HashiCorp Boundary is an identity-aware proxy that provides secure, zero trust access to infrastructure resources withou...
implementing-zero-trust-network-access
When replacing traditional VPN-based remote access with identity-based access controls When implementing micro-segmentat...
implementing-zero-trust-for-saas-applications
When securing access to SaaS applications (Microsoft 365, Google Workspace, Salesforce, Slack) When implementing conditi...
implementing-zero-trust-dns-with-nextdns
NextDNS is a cloud-based DNS resolver that provides encrypted DNS resolution (DNS-over-HTTPS and DNS-over-TLS), real-tim...
implementing-web-application-logging-with-modsecurity
ModSecurity is an open-source WAF engine that works with Apache, Nginx, and IIS. The OWASP Core Rule Set (CRS) provides ...
implementing-ticketing-system-for-incidents
Use this skill when: SOC teams need to formalize incident tracking beyond SIEM notable event management Compliance requi...
implementing-threat-modeling-with-mitre-attack
Use this skill when: SOC teams need to assess detection coverage against relevant threat actors and their TTPs Security ...
implementing-taxii-server-with-opentaxii
TAXII (Trusted Automated eXchange of Intelligence Information) is an OASIS standard protocol for exchanging cyber threat...
implementing-supply-chain-security-with-in-toto
in-toto is a CNCF graduated project that ensures the integrity of software supply chains from initiation to end-user ins...
implementing-soar-playbook-with-palo-alto-xsoar
Cortex XSOAR (formerly Demisto) is Palo Alto Networks' Security Orchestration, Automation, and Response platform. Playbo...
implementing-soar-playbook-for-phishing
This skill implements a phishing incident response workflow using the Splunk SOAR (formerly Phantom) REST API. When a su...
implementing-siem-use-cases-for-detection
Use this skill when: SOC teams need to build or expand their SIEM detection library from scratch Threat assessments iden...
implementing-siem-use-case-tuning
SIEM use case tuning reduces alert fatigue by systematically analyzing detection rules for false positive rates, adjusti...
implementing-siem-correlation-rules-for-apt
When deploying or configuring SIEM correlation rules for APT capabilities in your environment When establis...
implementing-semgrep-for-custom-sast-rules
Semgrep is an open-source static analysis tool that uses pattern-matching to find bugs, enforce code standards, and dete...
implementing-security-monitoring-with-datadog
Deploying Cloud SIEM to detect real-time threats across cloud infrastructure (AWS, Azure, GCP) Creating custom detection...
implementing-security-information-sharing-with-stix2
Build and share structured threat intelligence using STIX 2.1 objects with the stix2 Python library and TAXII 2.1 transp...
implementing-scim-provisioning-with-okta
SCIM (System for Cross-domain Identity Management) is an open standard protocol (RFC 7644) that automates the exchange o...