Search Skills
Search across 54932 indexed skills
implementing-email-sandboxing-with-proofpoint
Email sandboxing detonates suspicious attachments and URLs in isolated environments to detect zero-day malware and evasive phishing payloads. Proofpoi...
implementing-hashicorp-vault-dynamic-secrets
Applications use static database credentials stored in configuration files or environment variables; AWS IAM access keys are long-lived and shared acro...
implementing-endpoint-detection-with-wazuh
Wazuh is an open-source SIEM and XDR platform for endpoint monitoring, threat detection, and compliance. This skill covers managing agents via the Waz...
implementing-delinea-secret-server-for-pam
Organization needs centralized privileged credential management across hybrid infrastructure; compliance requirements mandate privileged access control...
implementing-gdpr-data-protection-controls
The General Data Protection Regulation (EU) 2016/679 (GDPR) is the EU's comprehensive data protection law governing the collection, processing, storag...
hunting-for-dcsync-attacks
When hunting for DCSync credential theft (MITRE ATT&CK T1003.006); after detecting Mimikatz or similar tools in the environment; during incident respons...
hunting-for-webshell-activity
When proactively hunting for indicators of webshell activity in the environment; after threat intelligence indicates active campaigns using...
implementing-just-in-time-access-provisioning
Implement Just-In-Time (JIT) access provisioning to eliminate standing privileges by granting temporary, time-bound access only when needed. This skil...
implementing-azure-defender-for-cloud
When enabling comprehensive security monitoring across Azure subscriptions; when implementing cloud workload protection for VMs, containers, SQL, stora...
detecting-t1055-process-injection-with-sysmon
When hunting for defense evasion techniques that hide malicious code inside legitimate processes; after EDR alerts for suspicious cross-process memory ...
implementing-api-rate-limiting-and-throttling
Protecting authentication endpoints against brute force and credential stuffing attacks; preventing API abuse and resource exhaustion from automated sc...
implementing-attack-path-analysis-with-xm-cyber
XM Cyber is a continuous exposure management platform that uses attack graph analysis to identify how adversaries can chain together exposures -- vuln...