cis-controls
CIS Controls v8.1 Skill
Purpose
Implement prioritized CIS Controls for cyber defense across all Hack23 projects, focusing on high-impact security controls organized by Implementation Groups.
Rules
Implementation Group 1 (Essential - All Projects)
Control 1: Inventory of Enterprise Assets
- MUST maintain asset inventory for all repositories and infrastructure
- MUST tag all cloud resources with Application, Environment, and Owner
Control 2: Inventory of Software Assets
- MUST track all dependencies (package.json, pom.xml, requirements.txt)
- MUST enable Dependabot for automated dependency tracking
- MUST generate Software Bill of Materials (SBOM) for releases
More from hack23/homepage
github-actions-cicd
GitHub Actions workflow structure, security scanning integration (CodeQL, ZAP), Lighthouse audits, minification, and deployment automation
108html-css-best-practices
Semantic HTML5, CSS custom properties, responsive design, and performance optimization for web development
91agentic-workflow-orchestration
Multi-agent coordination, orchestrator-worker patterns, /plan decomposition, and project coordination for GitHub Agentic Workflows
61product-documentation
Product documentation standards covering user guides, feature documentation, release notes, and end-user communication
52c4-modeling
C4 model (Context, Container, Component, Code) diagram patterns with Mermaid syntax for architecture documentation
33cryptography
Approved cryptographic algorithms, TLS enforcement, key management, and certificate handling per Hack23 Cryptographic Controls Policy
32