mukul975/anthropic-cybersecurity-skills

770 skills15.4K total installs Github

Github

Github

Skill

Installs

acquiring-disk-image-with-dd-and-dcfldd

analyzing-api-gateway-access-logs

analyzing-android-malware-with-apktool

analyzing-cyber-kill-chain

analyzing-email-headers-for-phishing-investigation

analyzing-active-directory-acl-abuse

analyzing-browser-forensics-with-hindsight

conducting-api-security-testing

analyzing-cloud-storage-access-patterns

analyzing-command-and-control-communication

analyzing-network-traffic-with-wireshark

performing-web-application-penetration-test

analyzing-certificate-transparency-for-phishing

testing-for-xss-vulnerabilities

analyzing-apt-group-with-mitre-navigator

analyzing-docker-container-forensics

testing-api-security-with-owasp-top-10

analyzing-azure-activity-logs-for-threats

conducting-network-penetration-test

analyzing-dns-logs-for-exfiltration

analyzing-linux-audit-logs-for-intrusion

testing-jwt-token-security

analyzing-network-packets-with-scapy

analyzing-malicious-url-with-urlscan

analyzing-linux-kernel-rootkits

reverse-engineering-android-malware-with-jadx

analyzing-network-traffic-of-malware

conducting-external-reconnaissance-with-osint

analyzing-ios-app-security-with-objection

analyzing-bootkit-and-rootkit-samples

exploiting-sql-injection-vulnerabilities

analyzing-network-traffic-for-incidents

analyzing-indicators-of-compromise

analyzing-linux-elf-malware

analyzing-campaign-attribution-evidence

analyzing-kubernetes-audit-logs

analyzing-linux-system-artifacts

analyzing-ethereum-smart-contract-vulnerabilities

analyzing-disk-image-with-autopsy

testing-for-xxe-injection-vulnerabilities

testing-api-for-broken-object-level-authorization

analyzing-threat-intelligence-feeds

analyzing-network-flow-data-with-netflow

analyzing-network-covert-channels-in-malware

testing-for-sensitive-data-exposure

testing-for-xss-vulnerabilities-with-burpsuite

analyzing-malware-sandbox-evasion-techniques

testing-api-authentication-weaknesses

analyzing-cobalt-strike-beacon-configuration

analyzing-malicious-pdf-with-peepdf

analyzing-cobaltstrike-malleable-c2-profiles

analyzing-golang-malware-with-ghidra

testing-for-json-web-token-vulnerabilities

analyzing-memory-dumps-with-volatility

testing-for-broken-access-control

analyzing-heap-spray-exploitation

testing-oauth2-implementation-flaws

analyzing-threat-actor-ttps-with-mitre-attack

testing-for-host-header-injection

testing-cors-misconfiguration

exploiting-server-side-request-forgery

analyzing-office365-audit-logs-for-compromise

conducting-mobile-app-penetration-test

analyzing-powershell-script-block-logging

performing-soc2-type2-audit-preparation

performing-web-application-vulnerability-triage

exploiting-sql-injection-with-sqlmap

analyzing-outlook-pst-for-email-forensics

collecting-open-source-intelligence

testing-for-open-redirect-vulnerabilities

analyzing-malware-persistence-with-autoruns

analyzing-mft-for-deleted-file-recovery

analyzing-malware-family-relationships-with-malpedia

conducting-cloud-penetration-testing

analyzing-malware-behavior-with-cuckoo-sandbox

analyzing-web-server-logs-for-intrusion

conducting-full-scope-red-team-engagement

analyzing-macro-malware-in-office-documents

bypassing-authentication-with-forced-browsing

analyzing-security-logs-with-splunk

deobfuscating-javascript-malware

analyzing-windows-event-logs-in-splunk

analyzing-powershell-empire-artifacts

testing-for-xml-injection-vulnerabilities

analyzing-memory-forensics-with-lime-and-volatility

analyzing-ransomware-leak-site-intelligence

analyzing-lnk-file-and-jump-list-artifacts

testing-mobile-api-authentication

exploiting-idor-vulnerabilities

exploiting-api-injection-vulnerabilities

performing-web-application-firewall-bypass

analyzing-ransomware-encryption-mechanisms

testing-for-business-logic-vulnerabilities

analyzing-packed-malware-with-upx-unpacker

auditing-aws-s3-bucket-permissions

analyzing-typosquatting-domains-with-dnstwist

testing-api-for-mass-assignment-vulnerability

analyzing-pdf-malware-with-pdfid

analyzing-ransomware-network-indicators

analyzing-threat-actor-ttps-with-mitre-navigator

analyzing-threat-landscape-with-misp

performing-web-application-scanning-with-nikto

analyzing-persistence-mechanisms-in-linux

analyzing-tls-certificate-transparency-logs

testing-for-email-header-injection

analyzing-supply-chain-malware-artifacts

exploiting-http-request-smuggling

conducting-wireless-network-penetration-test

conducting-internal-network-penetration-test

testing-websocket-api-security

analyzing-prefetch-files-for-execution-history

building-vulnerability-scanning-workflow

exploiting-nosql-injection-vulnerabilities

conducting-internal-reconnaissance-with-bloodhound-ce

exploiting-oauth-misconfiguration

exploiting-websocket-vulnerabilities

exploiting-template-injection-vulnerabilities

performing-web-cache-poisoning-attack

auditing-terraform-infrastructure-for-security

performing-web-cache-deception-attack

analyzing-usb-device-connection-history

auditing-azure-active-directory-configuration

scanning-network-with-nmap-advanced

analyzing-sbom-for-supply-chain-vulnerabilities

conducting-pass-the-ticket-attack

building-incident-response-playbook

building-threat-intelligence-platform

analyzing-windows-prefetch-with-python

auditing-kubernetes-cluster-rbac

building-soc-playbook-for-ransomware

reverse-engineering-ios-app-with-frida

analyzing-windows-amcache-artifacts

exploiting-race-condition-vulnerabilities

performing-api-rate-limiting-bypass

analyzing-slack-space-and-file-system-artifacts

exploiting-mass-assignment-in-rest-apis

analyzing-windows-registry-for-artifacts

exploiting-insecure-deserialization

conducting-social-engineering-penetration-test

auditing-gcp-iam-permissions

performing-csrf-attack-simulation

triaging-security-incident

building-soc-metrics-and-kpi-tracking

performing-ssrf-vulnerability-exploitation

auditing-cloud-with-cis-benchmarks

exploiting-jwt-algorithm-confusion-attack

building-threat-actor-profile-from-osint

building-attack-pattern-library-from-cti-reports

building-vulnerability-dashboard-with-defectdojo

hardening-docker-containers-for-production

building-c2-infrastructure-with-sliver-framework

exploiting-prototype-pollution-in-javascript

performing-api-security-testing-with-postman

performing-wifi-password-cracking-with-aircrack

building-automated-malware-submission-pipeline

conducting-post-incident-lessons-learned

building-threat-intelligence-feed-integration

deobfuscating-powershell-obfuscated-malware

collecting-threat-intelligence-with-misp

conducting-man-in-the-middle-attack-simulation

conducting-cloud-incident-response

analyzing-windows-shellbag-artifacts

exploiting-broken-function-level-authorization

building-red-team-c2-infrastructure-with-havoc

configuring-oauth2-authorization-flow

building-detection-rules-with-sigma

detecting-api-enumeration-attacks

analyzing-windows-lnk-files-for-artifacts

testing-android-intents-for-vulnerabilities

conducting-phishing-incident-response

performing-graphql-security-assessment

performing-vulnerability-scanning-with-nessus

building-adversary-infrastructure-tracking-system

building-vulnerability-exception-tracking-system

building-soc-escalation-matrix

prioritizing-vulnerabilities-with-cvss-scoring

building-incident-response-dashboard

building-detection-rule-with-splunk-spl

reverse-engineering-malware-with-ghidra

automating-ioc-enrichment

exploiting-type-juggling-vulnerabilities

conducting-malware-incident-response

executing-red-team-engagement-planning

exploiting-active-directory-certificate-services-esc1

performing-api-inventory-and-discovery

building-malware-incident-communication-template

extracting-browser-history-artifacts

conducting-domain-persistence-with-dcsync

performing-network-traffic-analysis-with-tshark

building-threat-hunt-hypothesis-framework

exploiting-broken-link-hijacking

collecting-indicators-of-compromise

analyzing-ransomware-payment-wallets

tracking-threat-actor-infrastructure

performing-active-directory-penetration-test

executing-red-team-exercise

exploiting-deeplink-vulnerabilities

performing-jwt-none-algorithm-attack

exploiting-excessive-data-exposure-in-api

conducting-memory-forensics-with-volatility

scanning-docker-images-with-trivy

triaging-security-incident-with-ir-playbook

performing-subdomain-enumeration-with-subfinder

conducting-social-engineering-pretext-call

analyzing-uefi-bootkit-persistence

performing-graphql-introspection-attack

building-cloud-siem-with-sentinel

building-threat-intelligence-enrichment-in-splunk

exploiting-active-directory-with-bloodhound

exploiting-kerberoasting-with-impacket

triaging-vulnerabilities-with-ssvc-framework

building-vulnerability-aging-and-sla-tracking

building-ioc-enrichment-pipeline-with-opencti

performing-hash-cracking-with-hashcat

exploiting-vulnerabilities-with-metasploit-framework

building-identity-federation-with-saml-azure-ad

exploiting-insecure-data-storage-in-mobile

building-identity-governance-lifecycle-process

building-role-mining-for-rbac-optimization

exploiting-ipv6-vulnerabilities

building-devsecops-pipeline-with-gitlab-ci

exploiting-bgp-hijacking-vulnerabilities

triaging-security-alerts-in-splunk

auditing-tls-certificate-transparency-logs

building-incident-timeline-with-timesketch

performing-api-fuzzing-with-restler

performing-authenticated-vulnerability-scan

performing-clickjacking-attack-test

performing-ssl-tls-security-assessment

securing-api-gateway-with-aws-waf

detecting-ai-model-prompt-injection-attacks

configuring-network-segmentation-with-vlans

building-ioc-defanging-and-sharing-pipeline

reverse-engineering-rust-malware

implementing-api-rate-limiting-and-throttling

performing-wireless-network-penetration-test

collecting-volatile-evidence-from-compromised-host

scanning-containers-with-trivy-in-cicd

performing-threat-modeling-with-owasp-threat-dragon

performing-http-parameter-pollution-attack

configuring-pfsense-firewall-rules

building-phishing-reporting-button-workflow

performing-directory-traversal-testing

implementing-api-schema-validation-security

hardening-linux-endpoint-with-cis-benchmark

performing-android-app-static-analysis-with-mobsf

testing-ransomware-recovery-procedures

securing-github-actions-workflows

configuring-host-based-intrusion-detection

building-threat-feed-aggregation-with-misp

performing-binary-exploitation-analysis

conducting-spearphishing-simulation-campaign

performing-blind-ssrf-exploitation

scanning-container-images-with-grype

configuring-tls-1-3-for-secure-communications

exploiting-constrained-delegation-abuse

monitoring-darkweb-sources

building-ransomware-playbook-with-cisa-framework

extracting-credentials-from-memory-dump

implementing-secret-scanning-with-gitleaks

performing-dark-web-monitoring-for-threats

performing-network-forensics-with-wireshark

configuring-windows-defender-advanced-settings

performing-privilege-escalation-on-linux

exploiting-nopac-cve-2021-42278-42287

remediating-s3-bucket-misconfiguration

validating-backup-integrity-for-recovery

implementing-jwt-signing-and-verification

reverse-engineering-dotnet-malware-with-dnspy

performing-privilege-escalation-assessment

performing-wireless-security-assessment-with-kismet

reverse-engineering-ransomware-encryption-routine

building-patch-tuesday-response-process

implementing-api-security-posture-management

performing-security-headers-audit

detecting-sql-injection-via-waf-logs

exploiting-smb-vulnerabilities-with-metasploit

exploiting-zerologon-vulnerability-cve-2020-1472

performing-ssl-stripping-attack

detecting-shadow-api-endpoints

scanning-kubernetes-manifests-with-kubesec

performing-second-order-sql-injection

configuring-certificate-authority-with-openssl

performing-kubernetes-penetration-testing

performing-graphql-depth-limit-attack

detecting-aws-iam-privilege-escalation

hardening-docker-daemon-configuration

correlating-threat-campaigns

securing-aws-lambda-execution-roles

implementing-api-gateway-security-controls

deploying-cloudflare-access-for-zero-trust

performing-aws-privilege-escalation-assessment

hunting-advanced-persistent-threats

performing-container-security-scanning-with-trivy

performing-network-packet-capture-analysis

performing-user-behavior-analytics

performing-power-grid-cybersecurity-assessment

configuring-active-directory-tiered-model

securing-serverless-functions

deploying-edr-agent-with-crowdstrike

scanning-infrastructure-with-nessus

performing-vlan-hopping-attack

configuring-windows-event-logging-for-detection

performing-active-directory-vulnerability-assessment

configuring-suricata-for-network-monitoring

performing-cve-prioritization-with-kev-catalog

performing-mobile-app-certificate-pinning-bypass

performing-active-directory-bloodhound-analysis

deploying-tailscale-for-zero-trust-vpn

extracting-iocs-from-malware-samples

extracting-windows-event-logs-artifacts

securing-kubernetes-on-cloud

performing-red-team-with-covenant

performing-ai-driven-osint-correlation

detecting-anomalous-authentication-patterns

exploiting-ms17-010-eternalblue-vulnerability

hunting-for-dns-based-persistence

performing-serverless-function-security-review

performing-external-network-penetration-test

securing-aws-iam-permissions

detecting-aws-cloudtrail-anomalies

performing-active-directory-compromise-investigation

performing-cloud-penetration-testing-with-pacu

hunting-for-supply-chain-compromise

performing-osint-with-spiderfoot

securing-container-registry-images

detecting-email-account-compromise

configuring-aws-verified-access-for-ztna

performing-privileged-account-discovery

performing-open-source-intelligence-gathering

implementing-api-key-security-controls

configuring-microsegmentation-for-zero-trust

performing-ssl-tls-inspection-configuration

implementing-api-abuse-detection-with-rate-limiting

containing-active-breach

performing-content-security-policy-bypass

detecting-insider-threat-behaviors

detecting-dll-sideloading-attacks

analyzing-cobalt-strike-malleable-profiles

securing-helm-chart-deployments

performing-red-team-phishing-with-gophish

hunting-for-unusual-network-connections

integrating-dast-with-owasp-zap-in-pipeline

performing-firmware-malware-analysis

detecting-anomalies-in-industrial-control-systems

detecting-email-forwarding-rules-attack

implementing-attack-surface-management

securing-remote-access-to-ot-environment

generating-threat-intelligence-reports

performing-active-directory-forest-trust-attack

hunting-credential-stuffing-attacks

performing-aws-account-enumeration-with-scout-suite

detecting-supply-chain-attacks-in-ci-cd

detecting-attacks-on-scada-systems

performing-threat-hunting-with-yara-rules

performing-packet-injection-attack

hunting-for-webshell-activity

intercepting-mobile-traffic-with-burpsuite

mapping-mitre-attack-techniques

performing-kerberoasting-attack

configuring-hsm-for-key-storage

configuring-snort-ids-for-intrusion-detection

implementing-mitre-attack-coverage-mapping

integrating-sast-into-github-actions-pipeline

deploying-palo-alto-prisma-access-zero-trust

performing-threat-landscape-assessment-for-sector

deploying-ransomware-canary-files

executing-phishing-simulation-campaign

implementing-pci-dss-compliance-controls

performing-ios-app-security-assessment

performing-ssl-certificate-lifecycle-management

performing-arp-spoofing-attack-simulation

hunting-for-spearphishing-indicators

implementing-aes-encryption-for-data-at-rest

performing-memory-forensics-with-volatility3

profiling-threat-actor-groups

performing-network-traffic-analysis-with-zeek

configuring-identity-aware-proxy-with-google-iap

deploying-osquery-for-endpoint-monitoring

performing-thick-client-application-penetration-test

implementing-network-access-control

performing-purple-team-exercise

building-cloud-security-posture-management

analyzing-phishing-email-headers

performing-service-account-audit

performing-oauth-scope-minimization-review

detecting-oauth-token-theft

implementing-kubernetes-pod-security-standards

detecting-suspicious-oauth-application-consent

performing-threat-hunting-with-elastic-siem

implementing-semgrep-for-custom-sast-rules

performing-sca-dependency-scanning-with-snyk

hunting-for-dcsync-attacks

detecting-s3-data-exfiltration-attempts

hardening-windows-endpoint-with-cis-benchmark

detecting-business-email-compromise

performing-authenticated-scan-with-openvas

securing-azure-with-microsoft-defender

detecting-privilege-escalation-attempts

detecting-broken-object-property-level-authorization

performing-endpoint-forensics-investigation

implementing-llm-guardrails-for-security

detecting-arp-poisoning-in-network-traffic

hunting-for-anomalous-powershell-execution

performing-service-account-credential-rotation

configuring-ldap-security-hardening

implementing-devsecops-security-scanning

detecting-fileless-attacks-on-endpoints

performing-ot-vulnerability-assessment-with-claroty

hunting-for-data-exfiltration-indicators

detecting-dns-exfiltration-with-dns-query-analysis

detecting-dcsync-attack-in-active-directory

implementing-aws-iam-permission-boundaries

detecting-lateral-movement-in-network

implementing-api-threat-protection-with-apigee

performing-yara-rule-development-for-detection

implementing-threat-intelligence-lifecycle-management

implementing-api-security-testing-with-42crunch

detecting-business-email-compromise-with-ai

performing-agentless-vulnerability-scanning

performing-supply-chain-attack-simulation

hunting-for-process-injection-techniques

performing-lateral-movement-with-wmiexec

performing-linux-log-forensics-investigation

performing-cryptographic-audit-of-application

detecting-aws-guardduty-findings-automation

detecting-container-escape-attempts

executing-active-directory-attack-simulation

performing-nist-csf-maturity-assessment

conducting-mobile-application-penetration-test

performing-physical-intrusion-assessment

performing-ransomware-response

detecting-kerberoasting-attacks

performing-ot-vulnerability-scanning-safely

eradicating-malware-from-infected-systems

performing-mobile-device-forensics-with-cellebrite

performing-steganography-detection

detecting-pass-the-hash-attacks

performing-timeline-reconstruction-with-plaso

configuring-multi-factor-authentication-with-duo

hunting-for-registry-run-key-persistence

hunting-for-dns-tunneling-with-zeek

performing-phishing-simulation-with-gophish

extracting-config-from-agent-tesla-rat

performing-windows-artifact-analysis-with-eric-zimmerman-tools

implementing-threat-modeling-with-mitre-attack

performing-threat-emulation-with-atomic-red-team

configuring-zscaler-private-access-for-ztna

implementing-gdpr-data-protection-controls

performing-privileged-account-access-review

implementing-attack-path-analysis-with-xm-cyber

detecting-serverless-function-injection

performing-cloud-asset-inventory-with-cartography

hunting-for-suspicious-scheduled-tasks

implementing-aqua-security-for-container-scanning

performing-privacy-impact-assessment

implementing-iso-27001-information-security-management

performing-container-image-hardening

performing-adversary-in-the-middle-phishing-detection

implementing-security-chaos-engineering

extracting-memory-artifacts-with-rekall

correlating-security-events-in-qradar

performing-memory-forensics-with-volatility3-plugins

implementing-google-workspace-phishing-protection

detecting-azure-lateral-movement

hunting-for-unusual-service-installations

detecting-insider-threat-with-ueba

detecting-azure-storage-account-misconfigurations

performing-ot-network-security-assessment

implementing-anti-phishing-training-program

hunting-for-command-and-control-beaconing

performing-dynamic-analysis-of-android-app

conducting-cloud-infrastructure-penetration-test

implementing-zero-trust-network-access

performing-kubernetes-cis-benchmark-with-kube-bench

detecting-cryptomining-in-cloud

detecting-ransomware-precursors-in-network

detecting-azure-service-principal-abuse

performing-gcp-security-assessment-with-forseti

recovering-from-ransomware-attack

implementing-network-intrusion-prevention-with-suricata

detecting-cloud-threats-with-guardduty

implementing-google-workspace-sso-configuration

detecting-attacks-on-historian-servers

performing-credential-access-with-lazagne

securing-container-registry-with-harbor

hunting-for-ntlm-relay-attacks

performing-malware-persistence-investigation

performing-malware-hash-enrichment-with-virustotal

implementing-vulnerability-management-with-greenbone

performing-plc-firmware-security-analysis

implementing-zero-trust-in-cloud

implementing-cloud-vulnerability-posture-management

hunting-for-cobalt-strike-beacons

implementing-zero-trust-for-saas-applications

performing-ransomware-tabletop-exercise

implementing-network-segmentation-with-firewall-zones

performing-static-malware-analysis-with-pe-studio

hunting-for-persistence-mechanisms-in-windows

performing-dns-enumeration-and-zone-transfer

detecting-dnp3-protocol-anomalies

hunting-for-data-staging-before-exfiltration

detecting-deepfake-audio-in-vishing-attacks

investigating-phishing-email-incident

implementing-web-application-logging-with-modsecurity

detecting-network-scanning-with-ids-signatures

implementing-alert-fatigue-reduction

detecting-credential-dumping-techniques

securing-historian-server-in-ot-environment

performing-endpoint-vulnerability-remediation

performing-threat-intelligence-sharing-with-misp

detecting-golden-ticket-attacks-in-kerberos-logs

implementing-cisa-zero-trust-maturity-model

performing-iot-security-assessment

performing-automated-malware-analysis-with-cape

detecting-modbus-command-injection-attacks

performing-indicator-lifecycle-management

hunting-for-lateral-movement-via-wmi

performing-disk-forensics-investigation

hunting-for-registry-persistence-mechanisms

performing-asset-criticality-scoring-for-vulns

performing-malware-triage-with-yara

detecting-network-anomalies-with-zeek

deploying-decoy-files-for-ransomware-detection

implementing-network-segmentation-for-ot

performing-scada-hmi-security-assessment

detecting-exfiltration-over-dns-with-zeek

implementing-dmarc-dkim-spf-email-security

hunting-for-scheduled-task-persistence

performing-purple-team-atomic-testing

detecting-shadow-it-cloud-usage

implementing-google-workspace-admin-security

implementing-application-whitelisting-with-applocker

performing-kubernetes-etcd-security-assessment

hunting-for-persistence-via-wmi-subscriptions

implementing-network-access-control-with-cisco-ise

implementing-github-advanced-security-for-code-scanning

performing-cloud-native-forensics-with-falco

detecting-port-scanning-with-fail2ban

implementing-rsa-key-pair-management

performing-bandwidth-throttling-attack-simulation

implementing-mobile-application-management

performing-malware-ioc-extraction

implementing-privileged-session-monitoring

performing-fuzzing-with-aflplusplus

implementing-network-policies-for-kubernetes

hunting-for-living-off-the-cloud-techniques

performing-dns-tunneling-detection

performing-docker-bench-security-assessment

hunting-for-shadow-copy-deletion

deploying-software-defined-perimeter

implementing-infrastructure-as-code-security-scanning

detecting-lateral-movement-with-splunk

detecting-container-escape-with-falco-rules

hunting-for-domain-fronting-c2-traffic

performing-soap-web-service-security-testing

performing-soc-tabletop-exercise

performing-firmware-extraction-with-binwalk

processing-stix-taxii-feeds

performing-log-analysis-for-forensic-investigation

hunting-for-defense-evasion-via-timestomping

hunting-for-t1098-account-manipulation

implementing-siem-correlation-rules-for-apt

detecting-fileless-malware-techniques

performing-paste-site-monitoring-for-credentials

performing-ip-reputation-analysis-with-shodan

implementing-secrets-scanning-in-ci-cd

deploying-active-directory-honeytokens

hunting-for-startup-folder-persistence

implementing-secrets-management-with-vault

hunting-for-lolbins-execution-in-endpoint-logs

evaluating-threat-intelligence-platforms

implementing-end-to-end-encryption-for-messaging

detecting-aws-credential-exposure-with-trufflehog

performing-dynamic-analysis-with-any-run

detecting-bluetooth-low-energy-attacks

detecting-process-injection-techniques

implementing-aws-config-rules-for-compliance

implementing-anti-ransomware-group-policy

implementing-ddos-mitigation-with-cloudflare

detecting-golden-ticket-forgery

detecting-qr-code-phishing-with-email-security

investigating-insider-threat-indicators

performing-cloud-log-forensics-with-athena

implementing-next-generation-firewall-with-palo-alto

implementing-pod-security-admission-controller

implementing-patch-management-for-ot-systems

implementing-hashicorp-vault-dynamic-secrets

implementing-stix-taxii-feed-integration

performing-access-review-and-certification

detecting-container-drift-at-runtime

detecting-suspicious-powershell-execution

performing-oil-gas-cybersecurity-assessment

implementing-ransomware-backup-strategy

implementing-rbac-hardening-for-kubernetes

performing-false-positive-reduction-in-siem

implementing-kubernetes-network-policy-with-calico

detecting-beaconing-patterns-with-zeek

performing-bluetooth-security-assessment

performing-sqlite-database-forensics

implementing-network-traffic-analysis-with-arkime

detecting-insider-data-exfiltration-via-dlp

detecting-typosquatting-packages-in-npm-pypi

implementing-zero-trust-dns-with-nextdns

performing-ics-asset-discovery-with-claroty

managing-intelligence-lifecycle

performing-cloud-forensics-with-aws-cloudtrail

performing-container-escape-detection

detecting-compromised-cloud-credentials

performing-lateral-movement-detection

implementing-gdpr-data-subject-access-request

performing-insider-threat-investigation

implementing-network-traffic-baselining

auditing-kubernetes-rbac-permissions

performing-ioc-enrichment-automation

performing-cloud-incident-containment-procedures

performing-cloud-forensics-investigation

implementing-patch-management-workflow

implementing-ot-network-traffic-analysis-with-nozomi

implementing-endpoint-detection-with-wazuh

hunting-for-dcom-lateral-movement

hunting-for-living-off-the-land-binaries

detecting-service-account-abuse

performing-dmarc-policy-enforcement-rollout

implementing-zero-knowledge-proof-for-authentication

hunting-for-beaconing-with-frequency-analysis

detecting-process-hollowing-technique

performing-gcp-penetration-testing-with-gcpbucketbrute

implementing-gcp-binary-authorization

implementing-vulnerability-remediation-sla

implementing-privileged-access-management-with-cyberark

implementing-endpoint-dlp-controls

detecting-living-off-the-land-with-lolbas

implementing-passwordless-auth-with-microsoft-entra

implementing-honeytokens-for-breach-detection

implementing-memory-protection-with-dep-aslr

implementing-siem-use-case-tuning

implementing-zero-trust-network-access-with-zscaler

investigating-ransomware-attack-artifacts

detecting-spearphishing-with-email-gateway

implementing-zero-trust-with-hashicorp-boundary

implementing-cloud-waf-rules

detecting-modbus-protocol-anomalies

implementing-soar-automation-with-phantom

implementing-runtime-application-self-protection

implementing-epss-score-for-vulnerability-prioritization

detecting-pass-the-ticket-attacks

implementing-pam-for-database-access

implementing-gcp-vpc-firewall-rules

implementing-azure-defender-for-cloud

implementing-policy-as-code-with-open-policy-agent

detecting-mimikatz-execution-patterns

implementing-aws-security-hub-compliance

implementing-identity-verification-for-zero-trust

detecting-privilege-escalation-in-kubernetes-pods

managing-cloud-identity-with-okta

implementing-ransomware-kill-switch-detection

performing-brand-monitoring-for-impersonation

performing-post-quantum-cryptography-migration

detecting-rdp-brute-force-attacks

implementing-canary-tokens-for-network-intrusion

implementing-aws-security-hub

performing-hardware-security-module-integration

performing-alert-triage-with-elastic-siem

detecting-stuxnet-style-attacks

performing-file-carving-with-foremost

detecting-living-off-the-land-attacks

recovering-deleted-files-with-photorec

implementing-beyondcorp-zero-trust-access-model

implementing-azure-ad-privileged-identity-management

implementing-soar-playbook-with-palo-alto-xsoar

performing-cloud-storage-forensic-acquisition

implementing-code-signing-for-artifacts

implementing-identity-governance-with-sailpoint

implementing-scim-provisioning-with-okta

implementing-fuzz-testing-in-cicd-with-aflplusplus

implementing-immutable-backup-with-restic

detecting-t1055-process-injection-with-sysmon

implementing-data-loss-prevention-with-microsoft-purview

performing-entitlement-review-with-sailpoint-iiq

implementing-passwordless-authentication-with-fido2

implementing-network-deception-with-honeypots

detecting-mobile-malware-behavior

implementing-bgp-security-with-rpki

implementing-mimecast-targeted-attack-protection

implementing-velociraptor-for-ir-collection

implementing-vulnerability-sla-breach-alerting

detecting-command-and-control-over-dns

performing-cloud-native-threat-hunting-with-aws-detective

implementing-gcp-organization-policy-constraints

detecting-wmi-persistence

implementing-container-network-policies-with-calico

implementing-aws-macie-for-data-classification

implementing-siem-use-cases-for-detection

implementing-privileged-access-workstation

performing-deception-technology-deployment

implementing-cloud-workload-protection

implementing-log-integrity-with-blockchain

implementing-rapid7-insightvm-for-scanning

implementing-aws-nitro-enclave-security

implementing-browser-isolation-for-zero-trust

implementing-supply-chain-security-with-in-toto

performing-s7comm-protocol-security-analysis

detecting-evasion-techniques-in-endpoint-logs

implementing-email-sandboxing-with-proofpoint

performing-log-source-onboarding-in-siem

implementing-iec-62443-security-zones

performing-initial-access-with-evilginx3

implementing-cloud-security-posture-management

implementing-image-provenance-verification-with-cosign

implementing-ticketing-system-for-incidents

performing-cloud-penetration-testing

implementing-cloud-trail-log-analysis

implementing-proofpoint-email-security-gateway

implementing-file-integrity-monitoring-with-aide

implementing-dragos-platform-for-ot-monitoring

implementing-container-image-minimal-base-with-distroless

implementing-mtls-for-zero-trust-services

implementing-sigstore-for-software-signing

implementing-hardware-security-key-authentication

implementing-zero-standing-privilege-with-cyberark

implementing-digital-signatures-with-ed25519

implementing-device-posture-assessment-in-zero-trust

implementing-saml-sso-with-okta

implementing-log-forwarding-with-fluentd

implementing-diamond-model-analysis

implementing-security-monitoring-with-datadog

detecting-rootkit-activity

implementing-nerc-cip-compliance-controls

implementing-conduit-security-for-ot-remote-access

implementing-just-in-time-access-provisioning

implementing-usb-device-control-policy

implementing-taxii-server-with-opentaxii

detecting-t1003-credential-dumping-with-edr

implementing-syslog-centralization-with-rsyslog

implementing-disk-encryption-with-bitlocker

detecting-ntlm-relay-with-event-correlation

performing-access-recertification-with-saviynt

implementing-security-information-sharing-with-stix2

implementing-conditional-access-policies-azure-ad

containing-active-security-breach

implementing-cloud-dlp-for-data-protection

implementing-microsegmentation-with-guardicore

detecting-t1548-abuse-elevation-control-mechanism

implementing-ot-incident-response-playbook

implementing-zero-trust-with-beyondcorp

implementing-envelope-encryption-with-aws-kms

implementing-soar-playbook-for-phishing

implementing-honeypot-for-ransomware-detection

detecting-ransomware-encryption-behavior

implementing-opa-gatekeeper-for-policy-enforcement

implementing-runtime-security-with-tetragon

implementing-continuous-security-validation-with-bas

implementing-deception-based-detection-with-canarytoken

implementing-ics-firewall-with-tofino

detecting-malicious-scheduled-tasks-with-sysmon

implementing-delinea-secret-server-for-pam

monitoring-scada-modbus-traffic-anomalies

implementing-purdue-model-network-segmentation

detecting-misconfigured-azure-storage

implementing-ebpf-security-monitoring

detecting-cloud-cryptomining-activity

hunting-living-off-the-land-binaries

performing-ransomware-incident-response

detecting-lateral-movement-with-zeek

implementing-threat-intelligence-platform

implementing-rbac-for-kubernetes-cluster

hunting-for-webshells-in-web-servers

detecting-golden-ticket-attacks

executing-diamond-model-analysis