Implements application whitelisting using Windows AppLocker to restrict unauthorized software execution on endpoints,
Skills (SKILL.md) are configuration files that add specific capabilities to AI agents (such as Claude Code, Cursor, and Codex).
Implementing AWS Security Hub to aggregate security findings across AWS accounts, enable compliance standards
Implementing Google's BeyondCorp zero trust access model to eliminate implicit trust from the network perimeter,
Deploys DNS, HTTP, and AWS API key canary tokens across network infrastructure to detect unauthorized access
Implementing Cloud Security Posture Management (CSPM) to continuously monitor multi-cloud environments for misconfigurations,
Configure Microsoft Entra ID (Azure AD) Conditional Access policies for zero trust access control. Covers signal-based
Implement secure conduit architecture for OT remote access following IEC 62443 zones and conduits model, deploying
Reduce container attack surface by building application images on Google distroless base images that contain
Configure Cloudflare DDoS protection with managed rulesets, rate limiting, WAF rules, Bot Management, and origin
Deploy and monitor Canary Tokens via the Thinkst Canary API for deception-based breach detection using web bug
Implements Delinea Secret Server for privileged access management (PAM) including secret vault configuration,
Implementing device posture assessment as a zero trust access control by integrating endpoint health signals
Implements full disk encryption using Microsoft BitLocker on Windows endpoints to protect data at rest from
SPF, DKIM, and DMARC form the three pillars of email authentication. Together they prevent domain spoofing, validate
Integrate FIRST's Exploit Prediction Scoring System (EPSS) API to prioritize vulnerability remediation based
Implement GCP Organization Policy constraints to enforce security guardrails across the entire resource hierarchy,
Implements FIDO2/WebAuthn hardware security key authentication including registration ceremonies, authentication
Implements HashiCorp Vault dynamic secrets engines for database credentials, AWS IAM keys, and PKI certificates
Deploys canary tokens and honeytokens (fake AWS credentials, DNS canaries, document beacons, database records)
Implement continuous identity verification for zero trust using phishing-resistant MFA (FIDO2/WebAuthn), risk-based
This skill covers designing and implementing security zones and conduits for industrial automation and control
Pod Security Standards (PSS) define three levels of security policies -- Privileged, Baseline, and Restricted
Implements input and output validation guardrails for LLM-powered applications to prevent prompt injection,
Configure Fluentd and Fluent Bit for centralized log aggregation, routing, filtering, and enrichment across distributed
Build an append-only log integrity chain using SHA-256 hash chaining for tamper detection. Each log entry is
Deploy Mimecast Targeted Threat Protection including URL Protect, Attachment Protect, Impersonation Protect,
Deploy Cisco Identity Services Engine for 802.1X wired and wireless authentication, MAC Authentication Bypass,
Kubernetes NetworkPolicies provide pod-level network segmentation by defining ingress and egress rules that control
This skill covers implementing network segmentation in Operational Technology environments using VLANs, industrial
Deploy and query Arkime (formerly Moloch) for full packet capture network traffic analysis. Uses the Arkime API
Deploy Nozomi Networks Guardian sensors for passive OT network traffic analysis to achieve comprehensive asset
Deploy privileged access management for database systems including Oracle, SQL Server, PostgreSQL, and MySQL.
Implements passwordless authentication using Microsoft Entra ID with FIDO2 security keys, Windows Hello for
This skill covers implementing a structured patch management program for OT/ICS environments where traditional
PCI DSS 4.0.1 establishes 12 requirements across 6 control objectives for organizations that store, process, or transmit cardholder data. With PCI DSS 3.2.1 retiring April 2024 and 51 new requirements
This skill covers implementing Open Policy Agent (OPA) and Gatekeeper for policy-as-code enforcement in Kubernetes
Design and implement Privileged Access Workstations (PAWs) with device hardening, just-in-time access, and integration
Implements privileged session monitoring and recording using Privileged Access Management (PAM) solutions, focusing
Implement network segmentation based on the Purdue Enterprise Reference Architecture (PERA) model to separate
Detects and exploits ransomware kill switch mechanisms including mutex-based execution guards, domain-based
Deploy and configure Rapid7 InsightVM Security Console and Scan Engines for authenticated and unauthenticated
This skill covers implementing Gitleaks for detecting and preventing hardcoded secrets in git repositories.
Implements security chaos engineering experiments that deliberately disable or degrade security controls to
Implements Security Orchestration, Automation, and Response (SOAR) workflows using Splunk SOAR (formerly Phantom)
Implement automated incident response playbooks in Cortex XSOAR to orchestrate security workflows across SOC
Implements an integrated incident ticketing system connecting SIEM alerts to ServiceNow, Jira, or TheHive for
Implements USB device control policies to restrict unauthorized removable media access on endpoints, preventing
Deploy and configure Velociraptor for scalable endpoint forensic artifact collection during incident response
Build automated alerting for vulnerability remediation SLA breaches with severity-based timelines, escalation
Configure ModSecurity WAF with OWASP Core Rule Set (CRS) for web application logging, tune rules to reduce false