Deploy Breach and Attack Simulation tools to continuously validate security control effectiveness by safely emulating
Skills (SKILL.md) are configuration files that add specific capabilities to AI agents (Claude Code, Cursor, Codex, etc.).
Implements data loss prevention policies using Microsoft Purview to protect sensitive information across Exchange
Configure Cloudflare DDoS protection with managed rulesets, rate limiting, WAF rules, Bot Management, and origin
Deploy and monitor Canary Tokens via the Thinkst Canary API for deception-based breach detection using web bug
Implements Delinea Secret Server for privileged access management (PAM) including secret vault configuration,
Implementing device posture assessment as a zero trust access control by integrating endpoint health signals
Integrates Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software
The Diamond Model of Intrusion Analysis provides a structured framework for analyzing cyber intrusions by examining
Ed25519 is a high-performance digital signature algorithm using the Edwards curve Curve25519. It provides 128-bit
Implements full disk encryption using Microsoft BitLocker on Windows endpoints to protect data at rest from
SPF, DKIM, and DMARC form the three pillars of email authentication. Together they prevent domain spoofing, validate
Deploy and configure the Dragos Platform for OT network monitoring, leveraging its 600+ industrial protocol
Implements eBPF-based security monitoring using Cilium Tetragon for real-time process execution tracking, network
Email sandboxing detonates suspicious attachments and URLs in isolated environments to detect zero-day malware
End-to-end encryption (E2EE) ensures that only the communicating parties can read messages, with no intermediary
Deploy and configure Wazuh SIEM/XDR for endpoint detection including agent management, custom decoder and rule
Implements endpoint Data Loss Prevention (DLP) controls to detect and prevent sensitive data exfiltration through
Envelope encryption is a strategy where data is encrypted with a data encryption key (DEK), and the DEK itself
Integrate FIRST's Exploit Prediction Scoring System (EPSS) API to prioritize vulnerability remediation based
Configure AIDE (Advanced Intrusion Detection Environment) for file integrity monitoring including baseline creation,
Integrate AFL++ coverage-guided fuzz testing into CI/CD pipelines to discover memory corruption, input handling,
Implement GCP Binary Authorization to enforce deploy-time security controls that ensure only trusted, attested
Implement GCP Organization Policy constraints to enforce security guardrails across the entire resource hierarchy,
Implementing and auditing GCP VPC firewall rules to enforce network segmentation, restrict ingress and egress
The General Data Protection Regulation (EU) 2016/679 (GDPR) is the EU's comprehensive data protection law governing
Automates GDPR Data Subject Access Request (DSAR) workflows including identity verification, PII discovery across
Configure GitHub Advanced Security with CodeQL to perform automated static analysis and vulnerability detection
Implements comprehensive Google Workspace security hardening including admin console configuration, phishing-resistant
Configure Google Workspace advanced phishing and malware protection settings including pre-delivery scanning,
Configure SAML 2.0 single sign-on for Google Workspace with a third-party identity provider, enabling centralized
Implements FIDO2/WebAuthn hardware security key authentication including registration ceremonies, authentication
Implements HashiCorp Vault dynamic secrets engines for database credentials, AWS IAM keys, and PKI certificates
Deploys canary files, honeypot shares, and decoy systems to detect ransomware activity at the earliest possible
Deploys canary tokens and honeytokens (fake AWS credentials, DNS canaries, document beacons, database records)
Deploy and configure Tofino industrial firewalls from Belden/Hirschmann to protect SCADA systems and PLCs using
Deploy SailPoint IdentityNow or IdentityIQ for identity governance and administration. Covers identity lifecycle
Implement continuous identity verification for zero trust using phishing-resistant MFA (FIDO2/WebAuthn), risk-based
This skill covers designing and implementing security zones and conduits for industrial automation and control
Sign and verify container image provenance using Sigstore Cosign with keyless OIDC-based signing, attestations,
Implements immutable backup strategy using restic with S3-compatible storage and object lock for ransomware-resistant
This skill covers implementing automated security scanning for Infrastructure as Code (IaC) templates using
ISO/IEC 27001:2022 is the international standard for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS). This skill covers the complete
Implement Just-In-Time (JIT) access provisioning to eliminate standing privileges by granting temporary, time-bound
JSON Web Tokens (JWT), defined in RFC 7519, are compact, URL-safe tokens used for authentication and authorization
Implement Kubernetes network segmentation using Calico NetworkPolicy and GlobalNetworkPolicy for zero-trust pod-to-pod
Pod Security Standards (PSS) define three levels of security policies -- Privileged, Baseline, and Restricted
Implements input and output validation guardrails for LLM-powered applications to prevent prompt injection,
Configure Fluentd and Fluent Bit for centralized log aggregation, routing, filtering, and enrichment across distributed
Build an append-only log integrity chain using SHA-256 hash chaining for tamper detection. Each log entry is
Implements memory protection mechanisms including DEP (Data Execution Prevention), ASLR (Address Space Layout