Search Skills
Search across 54932 indexed skills
executing-red-team-exercise
Assessing an organization's ability to detect, respond to, and contain a realistic adversary operation; testing the effectiveness of the security opera...
performing-active-directory-forest-trust-attack
Active Directory forest trusts enable authentication across organizational boundaries but introduce attack surface if misconfigured. This skill uses i...
implementing-diamond-model-analysis
The Diamond Model of Intrusion Analysis provides a structured framework for analyzing cyber intrusions by examining four core features: Adversary, Cap...
detecting-anomalous-authentication-patterns
Security operations needs to identify compromised accounts from authentication log analysis; implementing impossible travel detection to flag geographi...
implementing-zero-trust-in-cloud
When migrating from traditional perimeter-based security to identity-centric access controls; when eliminating VPN dependencies for remote workforce ac...
analyzing-azure-activity-logs-for-threats
When investigating security incidents that require analyzing Azure activity logs for threats; when building detection rules or threat hunting queries f...
detecting-dnp3-protocol-anomalies
When monitoring SCADA systems in the energy sector where DNP3 is the primary protocol; when building detection rules for DNP3-based attacks against RTU...
implementing-cloud-security-posture-management
When establishing continuous security monitoring across AWS, Azure, and GCP environments; when compliance requirements demand automated posture assessm...
analyzing-golang-malware-with-ghidra
Go (Golang) has become a popular language for malware authors due to its cross-compilation capabilities, static linking that produces self-contained b...
implementing-cisa-zero-trust-maturity-model
The CISA Zero Trust Maturity Model (ZTMM) Version 2.0, released in April 2023, provides federal agencies and organizations with a structured roadmap f...
recovering-deleted-files-with-photorec
When recovering deleted files from a forensic disk image or storage device; when the file system is corrupted, formatted, or overwritten; during investi...
profiling-threat-actor-groups
Use this skill when: updating the organization's threat model with profiles of adversary groups recently observed targeting your sector; preparing an e...