Search Skills
Search across 54932 indexed skills
performing-agentless-vulnerability-scanning
Agentless vulnerability scanning assesses systems for security weaknesses without requiring endpoint agent installation. This approach leverages exist...
integrating-sast-into-github-actions-pipeline
When development teams need automated code-level vulnerability detection on every pull request When security teams require consistent SAST enforcement...
performing-api-security-testing-with-postman
Building repeatable API security test suites for OWASP API Security Top 10 coverage Creating automated security regression tests that run in CI/CD pip...
implementing-supply-chain-security-with-in-toto
in-toto is a CNCF graduated project that ensures the integrity of software supply chains from initiation to end-user installation. It creates a verifi...
implementing-taxii-server-with-opentaxii
TAXII (Trusted Automated eXchange of Intelligence Information) is an OASIS standard protocol for exchanging cyber threat intelligence over HTTPS. Open...
implementing-web-application-logging-with-modsecurity
ModSecurity is an open-source WAF engine that works with Apache, Nginx, and IIS. The OWASP Core Rule Set (CRS) provides generic attack detection rules...
implementing-siem-use-case-tuning
SIEM use case tuning reduces alert fatigue by systematically analyzing detection rules for false positive rates, adjusting thresholds based on environ...
implementing-soar-playbook-for-phishing
This skill implements a phishing incident response workflow using the Splunk SOAR (formerly Phantom) REST API. When a suspected phishing email is repo...
implementing-zero-trust-for-saas-applications
When securing access to SaaS applications (Microsoft 365, Google Workspace, Salesforce, Slack) When implementing conditional access policies requiring...
performing-access-review-and-certification
Conduct systematic access reviews and certifications to ensure users have appropriate access rights aligned with their roles. This skill covers review...
implementing-runtime-security-with-tetragon
Tetragon is a CNCF project under Cilium that provides flexible Kubernetes-aware security observability and runtime enforcement using eBPF. By operatin...
implementing-saml-sso-with-okta
Implement SAML 2.0 Single Sign-On (SSO) using Okta as the Identity Provider (IdP). This skill covers end-to-end configuration of SAML authentication f...