mukul975/anthropic-cybersecurity-skills

770 skills13.9K total installs Github

Github

Github

Skill

Installs

acquiring-disk-image-with-dd-and-dcfldd

analyzing-api-gateway-access-logs

analyzing-android-malware-with-apktool

analyzing-cyber-kill-chain

analyzing-browser-forensics-with-hindsight

analyzing-active-directory-acl-abuse

analyzing-email-headers-for-phishing-investigation

analyzing-command-and-control-communication

conducting-api-security-testing

analyzing-cloud-storage-access-patterns

analyzing-network-traffic-with-wireshark

analyzing-certificate-transparency-for-phishing

analyzing-apt-group-with-mitre-navigator

analyzing-linux-audit-logs-for-intrusion

analyzing-azure-activity-logs-for-threats

analyzing-docker-container-forensics

analyzing-dns-logs-for-exfiltration

analyzing-network-packets-with-scapy

analyzing-linux-kernel-rootkits

testing-for-xss-vulnerabilities

conducting-network-penetration-test

analyzing-malicious-url-with-urlscan

performing-web-application-penetration-test

analyzing-network-traffic-of-malware

analyzing-ios-app-security-with-objection

analyzing-network-traffic-for-incidents

testing-jwt-token-security

exploiting-sql-injection-vulnerabilities

reverse-engineering-android-malware-with-jadx

testing-api-security-with-owasp-top-10

analyzing-bootkit-and-rootkit-samples

analyzing-linux-elf-malware

analyzing-indicators-of-compromise

analyzing-linux-system-artifacts

analyzing-disk-image-with-autopsy

conducting-external-reconnaissance-with-osint

analyzing-campaign-attribution-evidence

analyzing-ethereum-smart-contract-vulnerabilities

analyzing-kubernetes-audit-logs

analyzing-network-flow-data-with-netflow

analyzing-network-covert-channels-in-malware

analyzing-malware-sandbox-evasion-techniques

analyzing-threat-intelligence-feeds

analyzing-golang-malware-with-ghidra

analyzing-memory-dumps-with-volatility

analyzing-malicious-pdf-with-peepdf

exploiting-server-side-request-forgery

analyzing-heap-spray-exploitation

analyzing-cobaltstrike-malleable-c2-profiles

testing-for-xxe-injection-vulnerabilities

analyzing-cobalt-strike-beacon-configuration

analyzing-powershell-script-block-logging

analyzing-threat-actor-ttps-with-mitre-attack

analyzing-office365-audit-logs-for-compromise

performing-soc2-type2-audit-preparation

exploiting-sql-injection-with-sqlmap

testing-api-authentication-weaknesses

analyzing-malware-persistence-with-autoruns

analyzing-outlook-pst-for-email-forensics

testing-for-xss-vulnerabilities-with-burpsuite

collecting-open-source-intelligence

testing-api-for-broken-object-level-authorization

analyzing-web-server-logs-for-intrusion

analyzing-malware-family-relationships-with-malpedia

testing-for-sensitive-data-exposure

analyzing-malware-behavior-with-cuckoo-sandbox

analyzing-windows-event-logs-in-splunk

analyzing-macro-malware-in-office-documents

bypassing-authentication-with-forced-browsing

conducting-mobile-app-penetration-test

deobfuscating-javascript-malware

testing-for-json-web-token-vulnerabilities

analyzing-mft-for-deleted-file-recovery

analyzing-security-logs-with-splunk

performing-web-application-vulnerability-triage

conducting-cloud-penetration-testing

testing-for-host-header-injection

analyzing-powershell-empire-artifacts

testing-oauth2-implementation-flaws

conducting-full-scope-red-team-engagement

analyzing-memory-forensics-with-lime-and-volatility

testing-for-open-redirect-vulnerabilities

analyzing-ransomware-leak-site-intelligence

testing-cors-misconfiguration

analyzing-lnk-file-and-jump-list-artifacts

testing-for-broken-access-control

analyzing-ransomware-encryption-mechanisms

exploiting-idor-vulnerabilities

exploiting-api-injection-vulnerabilities

analyzing-packed-malware-with-upx-unpacker

auditing-aws-s3-bucket-permissions

analyzing-pdf-malware-with-pdfid

analyzing-ransomware-network-indicators

analyzing-threat-actor-ttps-with-mitre-navigator

analyzing-threat-landscape-with-misp

analyzing-typosquatting-domains-with-dnstwist

testing-for-xml-injection-vulnerabilities

analyzing-tls-certificate-transparency-logs

analyzing-supply-chain-malware-artifacts

performing-web-application-firewall-bypass

analyzing-persistence-mechanisms-in-linux

exploiting-nosql-injection-vulnerabilities

analyzing-prefetch-files-for-execution-history

exploiting-http-request-smuggling

building-vulnerability-scanning-workflow

testing-for-business-logic-vulnerabilities

testing-mobile-api-authentication

conducting-wireless-network-penetration-test

exploiting-websocket-vulnerabilities

performing-web-application-scanning-with-nikto

conducting-internal-reconnaissance-with-bloodhound-ce

analyzing-usb-device-connection-history

exploiting-oauth-misconfiguration

exploiting-template-injection-vulnerabilities

testing-for-email-header-injection

testing-api-for-mass-assignment-vulnerability

auditing-azure-active-directory-configuration

conducting-internal-network-penetration-test

analyzing-windows-prefetch-with-python

analyzing-windows-amcache-artifacts

analyzing-slack-space-and-file-system-artifacts

scanning-network-with-nmap-advanced

building-soc-playbook-for-ransomware

testing-websocket-api-security

analyzing-windows-registry-for-artifacts

exploiting-race-condition-vulnerabilities

conducting-pass-the-ticket-attack

building-incident-response-playbook

exploiting-mass-assignment-in-rest-apis

analyzing-sbom-for-supply-chain-vulnerabilities

exploiting-insecure-deserialization

auditing-gcp-iam-permissions

building-soc-metrics-and-kpi-tracking

building-threat-intelligence-platform

auditing-kubernetes-cluster-rbac

exploiting-prototype-pollution-in-javascript

reverse-engineering-ios-app-with-frida

building-attack-pattern-library-from-cti-reports

conducting-cloud-incident-response

analyzing-windows-shellbag-artifacts

performing-web-cache-poisoning-attack

auditing-cloud-with-cis-benchmarks

analyzing-windows-lnk-files-for-artifacts

building-automated-malware-submission-pipeline

auditing-terraform-infrastructure-for-security

deobfuscating-powershell-obfuscated-malware

performing-web-cache-deception-attack

exploiting-jwt-algorithm-confusion-attack

building-threat-actor-profile-from-osint

conducting-social-engineering-penetration-test

triaging-security-incident

building-vulnerability-dashboard-with-defectdojo

building-c2-infrastructure-with-sliver-framework

exploiting-broken-function-level-authorization

building-red-team-c2-infrastructure-with-havoc

performing-ssrf-vulnerability-exploitation

configuring-oauth2-authorization-flow

building-threat-intelligence-feed-integration

building-adversary-infrastructure-tracking-system

building-vulnerability-exception-tracking-system

building-soc-escalation-matrix

exploiting-active-directory-certificate-services-esc1

building-incident-response-dashboard

conducting-post-incident-lessons-learned

building-detection-rule-with-splunk-spl

building-malware-incident-communication-template

performing-api-rate-limiting-bypass

automating-ioc-enrichment

hardening-docker-containers-for-production

building-detection-rules-with-sigma

detecting-api-enumeration-attacks

collecting-threat-intelligence-with-misp

performing-graphql-security-assessment

conducting-man-in-the-middle-attack-simulation

performing-csrf-attack-simulation

exploiting-type-juggling-vulnerabilities

executing-red-team-engagement-planning

extracting-browser-history-artifacts

performing-api-security-testing-with-postman

conducting-domain-persistence-with-dcsync

performing-network-traffic-analysis-with-tshark

exploiting-broken-link-hijacking

reverse-engineering-malware-with-ghidra

performing-vulnerability-scanning-with-nessus

conducting-malware-incident-response

analyzing-ransomware-payment-wallets

triaging-security-incident-with-ir-playbook

exploiting-deeplink-vulnerabilities

conducting-phishing-incident-response

building-threat-hunt-hypothesis-framework

exploiting-active-directory-with-bloodhound

triaging-vulnerabilities-with-ssvc-framework

tracking-threat-actor-infrastructure

performing-active-directory-penetration-test

executing-red-team-exercise

prioritizing-vulnerabilities-with-cvss-scoring

performing-wifi-password-cracking-with-aircrack

testing-android-intents-for-vulnerabilities

conducting-social-engineering-pretext-call

analyzing-uefi-bootkit-persistence

exploiting-excessive-data-exposure-in-api

building-cloud-siem-with-sentinel

collecting-indicators-of-compromise

building-threat-intelligence-enrichment-in-splunk

exploiting-kerberoasting-with-impacket

building-vulnerability-aging-and-sla-tracking

exploiting-vulnerabilities-with-metasploit-framework

exploiting-insecure-data-storage-in-mobile

performing-jwt-none-algorithm-attack

exploiting-ipv6-vulnerabilities

performing-ssl-tls-security-assessment

exploiting-bgp-hijacking-vulnerabilities

conducting-memory-forensics-with-volatility

triaging-security-alerts-in-splunk

building-incident-timeline-with-timesketch

building-ioc-enrichment-pipeline-with-opencti

building-identity-federation-with-saml-azure-ad

scanning-docker-images-with-trivy

configuring-pfsense-firewall-rules

performing-subdomain-enumeration-with-subfinder

building-identity-governance-lifecycle-process

performing-api-inventory-and-discovery

collecting-volatile-evidence-from-compromised-host

auditing-tls-certificate-transparency-logs

configuring-network-segmentation-with-vlans

performing-hash-cracking-with-hashcat

building-ioc-defanging-and-sharing-pipeline

building-role-mining-for-rbac-optimization

building-devsecops-pipeline-with-gitlab-ci

performing-graphql-introspection-attack

conducting-spearphishing-simulation-campaign

building-phishing-reporting-button-workflow

reverse-engineering-rust-malware

configuring-tls-1-3-for-secure-communications

performing-directory-traversal-testing

securing-api-gateway-with-aws-waf

detecting-ai-model-prompt-injection-attacks

scanning-containers-with-trivy-in-cicd

securing-github-actions-workflows

configuring-host-based-intrusion-detection

building-threat-feed-aggregation-with-misp

performing-network-forensics-with-wireshark

scanning-container-images-with-grype

implementing-api-rate-limiting-and-throttling

performing-api-fuzzing-with-restler

exploiting-constrained-delegation-abuse

validating-backup-integrity-for-recovery

building-ransomware-playbook-with-cisa-framework

extracting-credentials-from-memory-dump

configuring-certificate-authority-with-openssl

performing-kubernetes-penetration-testing

performing-binary-exploitation-analysis

hardening-docker-daemon-configuration

performing-dark-web-monitoring-for-threats

configuring-windows-defender-advanced-settings

performing-privilege-escalation-on-linux

exploiting-nopac-cve-2021-42278-42287

performing-authenticated-vulnerability-scan

hardening-linux-endpoint-with-cis-benchmark

exploiting-smb-vulnerabilities-with-metasploit

performing-ssl-stripping-attack

performing-privilege-escalation-assessment

performing-container-security-scanning-with-trivy

performing-network-packet-capture-analysis

performing-http-parameter-pollution-attack

reverse-engineering-ransomware-encryption-routine

building-patch-tuesday-response-process

implementing-api-security-posture-management

performing-power-grid-cybersecurity-assessment

configuring-active-directory-tiered-model

performing-security-headers-audit

detecting-sql-injection-via-waf-logs

implementing-api-schema-validation-security

performing-wireless-network-penetration-test

deploying-cloudflare-access-for-zero-trust

monitoring-darkweb-sources

exploiting-zerologon-vulnerability-cve-2020-1472

implementing-jwt-signing-and-verification

reverse-engineering-dotnet-malware-with-dnspy

configuring-suricata-for-network-monitoring

hunting-advanced-persistent-threats

detecting-shadow-api-endpoints

performing-threat-modeling-with-owasp-threat-dragon

testing-ransomware-recovery-procedures

implementing-secret-scanning-with-gitleaks

correlating-threat-campaigns

extracting-windows-event-logs-artifacts

implementing-api-gateway-security-controls

performing-clickjacking-attack-test

performing-android-app-static-analysis-with-mobsf

configuring-aws-verified-access-for-ztna

scanning-kubernetes-manifests-with-kubesec

performing-wireless-security-assessment-with-kismet

performing-graphql-depth-limit-attack

deploying-tailscale-for-zero-trust-vpn

extracting-iocs-from-malware-samples

securing-aws-lambda-execution-roles

performing-blind-ssrf-exploitation

securing-serverless-functions

deploying-edr-agent-with-crowdstrike

scanning-infrastructure-with-nessus

exploiting-ms17-010-eternalblue-vulnerability

analyzing-cobalt-strike-malleable-profiles

hunting-for-dns-based-persistence

remediating-s3-bucket-misconfiguration

hunting-for-unusual-network-connections

performing-external-network-penetration-test

integrating-dast-with-owasp-zap-in-pipeline

configuring-windows-event-logging-for-detection

performing-active-directory-compromise-investigation

hunting-for-supply-chain-compromise

performing-firmware-malware-analysis

performing-osint-with-spiderfoot

generating-threat-intelligence-reports

performing-second-order-sql-injection

performing-user-behavior-analytics

configuring-microsegmentation-for-zero-trust

performing-ssl-tls-inspection-configuration

performing-packet-injection-attack

hunting-for-webshell-activity

performing-active-directory-bloodhound-analysis

detecting-aws-iam-privilege-escalation

performing-ai-driven-osint-correlation

detecting-dll-sideloading-attacks

securing-kubernetes-on-cloud

detecting-anomalous-authentication-patterns

performing-vlan-hopping-attack

configuring-hsm-for-key-storage

configuring-snort-ids-for-intrusion-detection

integrating-sast-into-github-actions-pipeline

securing-container-registry-images

detecting-email-account-compromise

performing-active-directory-vulnerability-assessment

performing-aws-privilege-escalation-assessment

performing-active-directory-forest-trust-attack

hunting-credential-stuffing-attacks

performing-privileged-account-discovery

performing-open-source-intelligence-gathering

implementing-api-key-security-controls

performing-cve-prioritization-with-kev-catalog

performing-mobile-app-certificate-pinning-bypass

implementing-api-abuse-detection-with-rate-limiting

intercepting-mobile-traffic-with-burpsuite

containing-active-breach

performing-content-security-policy-bypass

performing-memory-forensics-with-volatility3

detecting-insider-threat-behaviors

performing-network-traffic-analysis-with-zeek

performing-kerberoasting-attack

performing-red-team-with-covenant

configuring-identity-aware-proxy-with-google-iap

implementing-mitre-attack-coverage-mapping

performing-serverless-function-security-review

building-cloud-security-posture-management

securing-helm-chart-deployments

analyzing-phishing-email-headers

detecting-aws-cloudtrail-anomalies

performing-cloud-penetration-testing-with-pacu

deploying-palo-alto-prisma-access-zero-trust

detecting-anomalies-in-industrial-control-systems

detecting-email-forwarding-rules-attack

executing-phishing-simulation-campaign

implementing-pci-dss-compliance-controls

securing-remote-access-to-ot-environment

detecting-supply-chain-attacks-in-ci-cd

detecting-privilege-escalation-attempts

performing-threat-hunting-with-yara-rules

performing-endpoint-forensics-investigation

performing-ssl-certificate-lifecycle-management

hunting-for-spearphishing-indicators

implementing-aes-encryption-for-data-at-rest

mapping-mitre-attack-techniques

configuring-ldap-security-hardening

implementing-devsecops-security-scanning

performing-ot-vulnerability-assessment-with-claroty

deploying-osquery-for-endpoint-monitoring

implementing-network-access-control

performing-purple-team-exercise

performing-red-team-phishing-with-gophish

performing-oauth-scope-minimization-review

securing-aws-iam-permissions

implementing-kubernetes-pod-security-standards

performing-threat-landscape-assessment-for-sector

deploying-ransomware-canary-files

implementing-attack-surface-management

performing-sca-dependency-scanning-with-snyk

hunting-for-dcsync-attacks

performing-lateral-movement-with-wmiexec

hardening-windows-endpoint-with-cis-benchmark

conducting-mobile-application-penetration-test

performing-physical-intrusion-assessment

performing-ot-vulnerability-scanning-safely

eradicating-malware-from-infected-systems

detecting-attacks-on-scada-systems

detecting-broken-object-property-level-authorization

detecting-pass-the-hash-attacks

implementing-llm-guardrails-for-security

hunting-for-anomalous-powershell-execution

extracting-config-from-agent-tesla-rat

performing-service-account-credential-rotation

detecting-fileless-attacks-on-endpoints

hunting-for-suspicious-scheduled-tasks

hunting-for-data-exfiltration-indicators

detecting-dns-exfiltration-with-dns-query-analysis

detecting-dcsync-attack-in-active-directory

performing-container-image-hardening

implementing-aws-iam-permission-boundaries

detecting-lateral-movement-in-network

detecting-oauth-token-theft

performing-yara-rule-development-for-detection

implementing-security-chaos-engineering

implementing-threat-intelligence-lifecycle-management

implementing-api-security-testing-with-42crunch

extracting-memory-artifacts-with-rekall

performing-memory-forensics-with-volatility3-plugins

detecting-business-email-compromise-with-ai

performing-threat-hunting-with-elastic-siem

performing-agentless-vulnerability-scanning

hunting-for-unusual-service-installations

performing-supply-chain-attack-simulation

implementing-semgrep-for-custom-sast-rules

detecting-s3-data-exfiltration-attempts

performing-linux-log-forensics-investigation

performing-ios-app-security-assessment

performing-ot-network-security-assessment

performing-cryptographic-audit-of-application

performing-aws-account-enumeration-with-scout-suite

performing-nist-csf-maturity-assessment

conducting-cloud-infrastructure-penetration-test

performing-ransomware-response

securing-azure-with-microsoft-defender

detecting-kerberoasting-attacks

performing-kubernetes-cis-benchmark-with-kube-bench

performing-steganography-detection

configuring-multi-factor-authentication-with-duo

hunting-for-registry-run-key-persistence

hunting-for-dns-tunneling-with-zeek

detecting-ransomware-precursors-in-network

detecting-arp-poisoning-in-network-traffic

configuring-zscaler-private-access-for-ztna

profiling-threat-actor-groups

implementing-network-intrusion-prevention-with-suricata

performing-cloud-asset-inventory-with-cartography

performing-credential-access-with-lazagne

hunting-for-ntlm-relay-attacks

performing-malware-persistence-investigation

performing-thick-client-application-penetration-test

performing-plc-firmware-security-analysis

implementing-zero-trust-in-cloud

performing-service-account-audit

implementing-cloud-vulnerability-posture-management

implementing-api-threat-protection-with-apigee

performing-adversary-in-the-middle-phishing-detection

detecting-suspicious-oauth-application-consent

correlating-security-events-in-qradar

hunting-for-persistence-mechanisms-in-windows

implementing-google-workspace-phishing-protection

performing-dns-enumeration-and-zone-transfer

hunting-for-process-injection-techniques

detecting-network-scanning-with-ids-signatures

detecting-business-email-compromise

hunting-for-command-and-control-beaconing

performing-authenticated-scan-with-openvas

performing-dynamic-analysis-of-android-app

detecting-aws-guardduty-findings-automation

detecting-container-escape-attempts

executing-active-directory-attack-simulation

performing-mobile-device-forensics-with-cellebrite

detecting-cryptomining-in-cloud

performing-timeline-reconstruction-with-plaso

detecting-modbus-command-injection-attacks

performing-arp-spoofing-attack-simulation

hunting-for-lateral-movement-via-wmi

performing-disk-forensics-investigation

performing-malware-triage-with-yara

detecting-network-anomalies-with-zeek

performing-phishing-simulation-with-gophish

performing-gcp-security-assessment-with-forseti

implementing-network-segmentation-for-ot

implementing-threat-modeling-with-mitre-attack

performing-threat-emulation-with-atomic-red-team

recovering-from-ransomware-attack

hunting-for-scheduled-task-persistence

implementing-gdpr-data-protection-controls

detecting-shadow-it-cloud-usage

implementing-google-workspace-sso-configuration

performing-privileged-account-access-review

implementing-attack-path-analysis-with-xm-cyber

performing-kubernetes-etcd-security-assessment

implementing-network-access-control-with-cisco-ise

performing-cloud-native-forensics-with-falco

detecting-port-scanning-with-fail2ban

implementing-rsa-key-pair-management

implementing-aqua-security-for-container-scanning

implementing-mobile-application-management

performing-privacy-impact-assessment

performing-malware-ioc-extraction

performing-malware-hash-enrichment-with-virustotal

implementing-privileged-session-monitoring

implementing-vulnerability-management-with-greenbone

implementing-network-policies-for-kubernetes

hunting-for-living-off-the-cloud-techniques

performing-dns-tunneling-detection

performing-docker-bench-security-assessment

hunting-for-shadow-copy-deletion

detecting-lateral-movement-with-splunk

hunting-for-cobalt-strike-beacons

hunting-for-domain-fronting-c2-traffic

implementing-zero-trust-for-saas-applications

performing-ransomware-tabletop-exercise

performing-soc-tabletop-exercise

performing-firmware-extraction-with-binwalk

implementing-network-segmentation-with-firewall-zones

performing-log-analysis-for-forensic-investigation

detecting-azure-lateral-movement

hunting-for-t1098-account-manipulation

detecting-insider-threat-with-ueba

detecting-dnp3-protocol-anomalies

detecting-azure-storage-account-misconfigurations

hunting-for-data-staging-before-exfiltration

performing-paste-site-monitoring-for-credentials

detecting-deepfake-audio-in-vishing-attacks

investigating-phishing-email-incident

implementing-anti-phishing-training-program

implementing-web-application-logging-with-modsecurity

implementing-secrets-scanning-in-ci-cd

implementing-alert-fatigue-reduction

detecting-credential-dumping-techniques

securing-historian-server-in-ot-environment

implementing-secrets-management-with-vault

hunting-for-lolbins-execution-in-endpoint-logs

performing-endpoint-vulnerability-remediation

evaluating-threat-intelligence-platforms

performing-threat-intelligence-sharing-with-misp

implementing-end-to-end-encryption-for-messaging

implementing-zero-trust-network-access

detecting-golden-ticket-attacks-in-kerberos-logs

performing-iot-security-assessment

performing-automated-malware-analysis-with-cape

performing-indicator-lifecycle-management

hunting-for-registry-persistence-mechanisms

detecting-azure-service-principal-abuse

implementing-ddos-mitigation-with-cloudflare

performing-scada-hmi-security-assessment

detecting-exfiltration-over-dns-with-zeek

performing-purple-team-atomic-testing

implementing-google-workspace-admin-security

detecting-cloud-threats-with-guardduty

performing-cloud-log-forensics-with-athena

implementing-next-generation-firewall-with-palo-alto

detecting-attacks-on-historian-servers

implementing-pod-security-admission-controller

detecting-serverless-function-injection

implementing-hashicorp-vault-dynamic-secrets

implementing-application-whitelisting-with-applocker

hunting-for-persistence-via-wmi-subscriptions

performing-access-review-and-certification

implementing-github-advanced-security-for-code-scanning

detecting-suspicious-powershell-execution

securing-container-registry-with-harbor

performing-oil-gas-cybersecurity-assessment

implementing-ransomware-backup-strategy

implementing-rbac-hardening-for-kubernetes

implementing-iso-27001-information-security-management

performing-false-positive-reduction-in-siem

performing-fuzzing-with-aflplusplus

performing-bluetooth-security-assessment

deploying-software-defined-perimeter

implementing-network-traffic-analysis-with-arkime

implementing-infrastructure-as-code-security-scanning

detecting-typosquatting-packages-in-npm-pypi

detecting-container-escape-with-falco-rules

performing-soap-web-service-security-testing

performing-static-malware-analysis-with-pe-studio

processing-stix-taxii-feeds

hunting-for-defense-evasion-via-timestomping

implementing-siem-correlation-rules-for-apt

performing-container-escape-detection

detecting-fileless-malware-techniques

performing-lateral-movement-detection

auditing-kubernetes-rbac-permissions

performing-ip-reputation-analysis-with-shodan

performing-cloud-incident-containment-procedures

deploying-active-directory-honeytokens

implementing-ot-network-traffic-analysis-with-nozomi

hunting-for-startup-folder-persistence

hunting-for-living-off-the-land-binaries

performing-dmarc-policy-enforcement-rollout

detecting-aws-credential-exposure-with-trufflehog

performing-dynamic-analysis-with-any-run

implementing-cisa-zero-trust-maturity-model

detecting-process-injection-techniques

implementing-zero-knowledge-proof-for-authentication

implementing-aws-config-rules-for-compliance

detecting-process-hollowing-technique

performing-asset-criticality-scoring-for-vulns

implementing-anti-ransomware-group-policy

deploying-decoy-files-for-ransomware-detection

performing-windows-artifact-analysis-with-eric-zimmerman-tools

implementing-privileged-access-management-with-cyberark

implementing-endpoint-dlp-controls

implementing-dmarc-dkim-spf-email-security

detecting-golden-ticket-forgery

detecting-qr-code-phishing-with-email-security

detecting-living-off-the-land-with-lolbas

investigating-insider-threat-indicators

implementing-passwordless-auth-with-microsoft-entra

implementing-patch-management-for-ot-systems

detecting-container-drift-at-runtime

detecting-spearphishing-with-email-gateway

implementing-zero-trust-with-hashicorp-boundary

implementing-cloud-waf-rules

detecting-modbus-protocol-anomalies

implementing-kubernetes-network-policy-with-calico

performing-sqlite-database-forensics

implementing-runtime-application-self-protection

implementing-epss-score-for-vulnerability-prioritization

detecting-insider-data-exfiltration-via-dlp

detecting-pass-the-ticket-attacks

implementing-pam-for-database-access

implementing-zero-trust-dns-with-nextdns

implementing-azure-defender-for-cloud

implementing-policy-as-code-with-open-policy-agent

performing-ics-asset-discovery-with-claroty

detecting-mimikatz-execution-patterns

implementing-aws-security-hub-compliance

managing-intelligence-lifecycle

implementing-identity-verification-for-zero-trust

detecting-privilege-escalation-in-kubernetes-pods

performing-cloud-forensics-with-aws-cloudtrail

managing-cloud-identity-with-okta

implementing-ransomware-kill-switch-detection

performing-brand-monitoring-for-impersonation

detecting-rdp-brute-force-attacks

detecting-compromised-cloud-credentials

implementing-gdpr-data-subject-access-request

performing-insider-threat-investigation

implementing-network-traffic-baselining

implementing-aws-security-hub

performing-cloud-forensics-investigation

implementing-patch-management-workflow

implementing-endpoint-detection-with-wazuh

hunting-for-dcom-lateral-movement

performing-hardware-security-module-integration

detecting-service-account-abuse

detecting-stuxnet-style-attacks

performing-file-carving-with-foremost

detecting-living-off-the-land-attacks

detecting-bluetooth-low-energy-attacks

implementing-beyondcorp-zero-trust-access-model

hunting-for-beaconing-with-frequency-analysis

implementing-azure-ad-privileged-identity-management

performing-gcp-penetration-testing-with-gcpbucketbrute

performing-cloud-storage-forensic-acquisition

implementing-gcp-binary-authorization

implementing-code-signing-for-artifacts

implementing-identity-governance-with-sailpoint

implementing-scim-provisioning-with-okta

implementing-fuzz-testing-in-cicd-with-aflplusplus

implementing-vulnerability-remediation-sla

implementing-immutable-backup-with-restic

detecting-t1055-process-injection-with-sysmon

performing-entitlement-review-with-sailpoint-iiq

implementing-stix-taxii-feed-integration

implementing-honeytokens-for-breach-detection

performing-bandwidth-throttling-attack-simulation

implementing-memory-protection-with-dep-aslr

implementing-network-deception-with-honeypots

implementing-siem-use-case-tuning

implementing-zero-trust-network-access-with-zscaler

investigating-ransomware-attack-artifacts

detecting-beaconing-patterns-with-zeek

detecting-mobile-malware-behavior

implementing-soar-automation-with-phantom

implementing-bgp-security-with-rpki

implementing-mimecast-targeted-attack-protection

performing-cloud-native-threat-hunting-with-aws-detective

implementing-gcp-vpc-firewall-rules

detecting-wmi-persistence

implementing-container-network-policies-with-calico

implementing-aws-macie-for-data-classification

implementing-privileged-access-workstation

performing-post-quantum-cryptography-migration

performing-deception-technology-deployment

implementing-canary-tokens-for-network-intrusion

implementing-cloud-workload-protection

implementing-log-integrity-with-blockchain

performing-ioc-enrichment-automation

implementing-rapid7-insightvm-for-scanning

implementing-aws-nitro-enclave-security

implementing-browser-isolation-for-zero-trust

implementing-supply-chain-security-with-in-toto

performing-s7comm-protocol-security-analysis

performing-log-source-onboarding-in-siem

implementing-iec-62443-security-zones

performing-alert-triage-with-elastic-siem

performing-initial-access-with-evilginx3

implementing-cloud-security-posture-management

recovering-deleted-files-with-photorec

implementing-image-provenance-verification-with-cosign

performing-cloud-penetration-testing

implementing-soar-playbook-with-palo-alto-xsoar

implementing-cloud-trail-log-analysis

implementing-proofpoint-email-security-gateway

implementing-file-integrity-monitoring-with-aide

implementing-dragos-platform-for-ot-monitoring

implementing-container-image-minimal-base-with-distroless

implementing-data-loss-prevention-with-microsoft-purview

implementing-mtls-for-zero-trust-services

implementing-passwordless-authentication-with-fido2

implementing-sigstore-for-software-signing

implementing-hardware-security-key-authentication

implementing-zero-standing-privilege-with-cyberark

implementing-digital-signatures-with-ed25519

implementing-device-posture-assessment-in-zero-trust

implementing-saml-sso-with-okta

implementing-log-forwarding-with-fluentd

implementing-diamond-model-analysis

implementing-security-monitoring-with-datadog

detecting-rootkit-activity

implementing-nerc-cip-compliance-controls

implementing-conduit-security-for-ot-remote-access

implementing-velociraptor-for-ir-collection

implementing-vulnerability-sla-breach-alerting

detecting-command-and-control-over-dns

implementing-just-in-time-access-provisioning

implementing-usb-device-control-policy

implementing-gcp-organization-policy-constraints

detecting-t1003-credential-dumping-with-edr

implementing-siem-use-cases-for-detection

implementing-disk-encryption-with-bitlocker

detecting-ntlm-relay-with-event-correlation

performing-access-recertification-with-saviynt

containing-active-security-breach

implementing-cloud-dlp-for-data-protection

implementing-microsegmentation-with-guardicore

detecting-t1548-abuse-elevation-control-mechanism

implementing-ot-incident-response-playbook

implementing-zero-trust-with-beyondcorp

detecting-evasion-techniques-in-endpoint-logs

implementing-email-sandboxing-with-proofpoint

implementing-envelope-encryption-with-aws-kms

detecting-ransomware-encryption-behavior

implementing-opa-gatekeeper-for-policy-enforcement

implementing-ticketing-system-for-incidents

implementing-runtime-security-with-tetragon

implementing-continuous-security-validation-with-bas

implementing-deception-based-detection-with-canarytoken

implementing-ics-firewall-with-tofino

implementing-taxii-server-with-opentaxii

implementing-syslog-centralization-with-rsyslog

detecting-malicious-scheduled-tasks-with-sysmon

implementing-security-information-sharing-with-stix2

implementing-delinea-secret-server-for-pam

monitoring-scada-modbus-traffic-anomalies

implementing-conditional-access-policies-azure-ad

implementing-purdue-model-network-segmentation

detecting-misconfigured-azure-storage

implementing-soar-playbook-for-phishing

implementing-honeypot-for-ransomware-detection

implementing-ebpf-security-monitoring

detecting-cloud-cryptomining-activity

hunting-living-off-the-land-binaries

performing-ransomware-incident-response

detecting-lateral-movement-with-zeek

implementing-threat-intelligence-platform

implementing-rbac-for-kubernetes-cluster

hunting-for-webshells-in-web-servers

detecting-golden-ticket-attacks

executing-diamond-model-analysis