Total 50,483 skills, Security & Compliance has 1971 skills
Showing 12 of 1971 skills
Security audit and compliance automation suite with OWASP scanning, CVE detection, GDPR/SOC2 audits, threat modeling, and incident response playbooks
Security & compliance skill suite with OWASP scanning, CVE detection, GDPR audits, SOC2 readiness, threat modeling, and incident response workflows
Detect and analyze Minecraft cheat clients, hack tools, and malicious game modifications for server protection
Deploy and configure the Dragos Platform for OT network monitoring, leveraging its 600+ industrial protocol parsers, intelligence-driven threat detection analytics, and asset visibility capabilities to protect ICS environments against threat groups like VOLTZITE, GRAPHITE, and BAUXITE.
Snyk integration. Manage Projects, Organizations. Use when the user wants to interact with Snyk data.
Produce a proposed marked-up policy redraft that closes a gap found by /regulatory-legal:gaps or /regulatory-legal:policy-diff. A first draft for internal review — not for direct application to approved policy documents. Use when the user says "redraft the policy", "draft the policy fix", "mark up the policy", or when gap-surfacer hands off a gap for drafting.
Manage Harness Software Supply Chain Assurance (SSCA) via MCP. Configure automated SBOM generation with CycloneDX or SPDX formats, set up artifact signing and attestation with Cosign, define supply chain security policies using OPA, and track SLSA provenance levels. Use when asked to generate SBOMs, sign artifacts, enforce supply chain policies, track software provenance, or manage SLSA compliance. Do NOT use for OPA pipeline governance policies (use create-policy instead) or vulnerability scanning (use security-report instead). Trigger phrases: SBOM, software bill of materials, supply chain security, SLSA, artifact signing, cosign, provenance, attestation, CycloneDX, SPDX, supply chain policy.
Conducts comprehensive network penetration tests against authorized target environments by performing host discovery, port scanning, service enumeration, vulnerability identification, and controlled exploitation to assess the security posture of network infrastructure. The tester follows PTES methodology from reconnaissance through post-exploitation and reporting. Activates for requests involving network pentest, infrastructure security assessment, internal network testing, or external perimeter testing.
Wallarm integration. Manage data, records, and automate workflows. Use when the user wants to interact with Wallarm data.
Discovering and accessing unprotected pages, APIs, and administrative interfaces by enumerating URLs and bypassing authentication controls during authorized security assessments.
Parse Windows Prefetch files to determine program execution history including run counts, timestamps, and referenced files for forensic investigation.
Build AI-driven security operations automation with ASP's agent-centric SIRP, modules, and playbooks