Search Skills
Search across 54932 indexed skills
building-identity-federation-with-saml-azure-ad
Identity federation enables users authenticated by one identity provider to access resources managed by another without maintaining separate credentia...
analyzing-ransomware-encryption-mechanisms
A ransomware infection has occurred and recovery requires understanding the encryption scheme used; Assessing whether decryption is possible without pa...
conducting-post-incident-lessons-learned
After any security incident has been fully resolved and recovery completed; Following tabletop exercises or IR simulations; After significant near-miss ...
implementing-github-advanced-security-for-code-scanning
GitHub Advanced Security (GHAS) integrates CodeQL-powered static application security testing directly into the GitHub development workflow. CodeQL tr...
conducting-api-security-testing
Testing API endpoints for authorization flaws, injection vulnerabilities, and business logic bypasses; Assessing the security of microservices architec...
implementing-mimecast-targeted-attack-protection
Mimecast Targeted Threat Protection (TTP) is a suite of advanced email security services designed to protect against sophisticated phishing, spearphis...
implementing-mitre-attack-coverage-mapping
MITRE ATT&CK coverage mapping gives SOC teams a structured, adversary-centric lens to evaluate detection capabilities. Enterprise SIEMs on average hav...
building-threat-intelligence-feed-integration
Use this skill when: SOC teams need automated ingestion of threat intelligence feeds into SIEM platforms; Multiple TI sources require normalization int...
building-detection-rules-with-sigma
Use this skill when: SOC engineers need to create detection rules portable across multiple SIEM platforms; Threat intelligence reports describe TTPs re...
implementing-mobile-application-management
Use this skill when: Deploying enterprise mobile app protection without full device management (MDM); Implementing BYOD policies that protect corporate...
implementing-ot-network-traffic-analysis-with-nozomi
When deploying passive OT network monitoring using Nozomi Networks Guardian sensors; When requiring asset visibility without active scanning in sensiti...
triaging-security-alerts-in-splunk
Use this skill when: SOC Tier 1 analysts need to process the Incident Review queue in Splunk Enterprise Security (ES); Notable events require rapid sev...