Sponsored by

Find leads on Reddit on auto pilot

Agent skills
devsecops

Topic: devsecops

795 skills in this topic.

investigating-phishing-email-incident Investigates phishing email incidents from initial user report through header analysis, URL/attachment detonation, impacted user identification, and containment actions using SOC tools like Splunk, Microsoft Defender, and sandbox analysis platforms. Use when a reported phishing email requires full incident investigation to determine scope and impact.
mukul975/Anthropic-Cybersecurity-Skills 4,300
hunting-for-registry-run-key-persistence Detect MITRE ATT&CK T1547.001 registry Run key persistence by analyzing Sysmon Event ID 13 logs and registry queries to identify malicious auto-start entries.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-ransomware-kill-switch-detection Detects and exploits ransomware kill switch mechanisms including mutex-based execution guards, domain-based kill switches, and registry-based termination checks. Implements proactive mutex vaccination and kill switch domain monitoring to prevent ransomware from executing. Activates for requests involving ransomware kill switch analysis, mutex vaccination, WannaCry-style domain kill switches, or malware execution guard detection.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-deception-based-detection-with-canarytoken Deploy and monitor Canary Tokens via the Thinkst Canary API for deception-based breach detection using web bug tokens, DNS tokens, document tokens, and AWS key tokens.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-devsecops-security-scanning Integrates Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA) into CI/CD pipelines using open-source tools. Covers Semgrep for SAST, Trivy for SCA and container scanning, OWASP ZAP for DAST, and Gitleaks for secrets detection. Activates for requests involving DevSecOps pipeline setup, automated security scanning in CI/CD, SAST/DAST/SCA integration, or shift-left security implementation.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-diamond-model-analysis The Diamond Model of Intrusion Analysis provides a structured framework for analyzing cyber intrusions by examining four core features - Adversary, Capability, Infrastructure, and Victim. This skill covers implementing the Diamond Model programmatically to classify and correlate intrusion events, build activity threads, and generate pivot-ready intelligence.
mukul975/Anthropic-Cybersecurity-Skills 4,300
securing-github-actions-workflows This skill covers hardening GitHub Actions workflows against supply chain attacks, credential theft, and privilege escalation. It addresses pinning actions to SHA digests, minimizing GITHUB_TOKEN permissions, protecting secrets from exfiltration, preventing script injection in workflow expressions, and implementing required reviewers for workflow changes.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-secrets-management-with-vault This skill covers deploying HashiCorp Vault for centralized secrets management across cloud environments, including dynamic secret generation for databases and cloud providers, transit encryption, PKI certificate management, and Kubernetes integration. It addresses eliminating hardcoded credentials from application code and CI/CD pipelines by implementing short-lived, automatically rotated secrets.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-scim-provisioning-with-okta Implement automated user provisioning and deprovisioning using SCIM 2.0 protocol with Okta as the identity provider.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-endpoint-dlp-controls Implements endpoint Data Loss Prevention (DLP) controls to detect and prevent sensitive data exfiltration through email, USB, cloud storage, and printing. Use when deploying DLP agents, creating content inspection policies, or preventing unauthorized data movement from endpoints. Activates for requests involving DLP, data exfiltration prevention, content inspection, or sensitive data protection on endpoints.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-runtime-application-self-protection Deploy Runtime Application Self-Protection (RASP) agents to detect and block attacks from within application runtime, covering OpenRASP integration, attack pattern detection, and security policy configuration for Java and Python web applications.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-fuzz-testing-in-cicd-with-aflplusplus Integrate AFL++ coverage-guided fuzz testing into CI/CD pipelines to discover memory corruption, input handling, and logic vulnerabilities in C/C++ and compiled applications.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-gcp-organization-policy-constraints Implement GCP Organization Policy constraints to enforce security guardrails across the entire resource hierarchy, restricting risky configurations and ensuring compliance at organization, folder, and project levels.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-google-workspace-admin-security Implements comprehensive Google Workspace security hardening including admin console configuration, phishing-resistant MFA enforcement, DLP policies, email authentication (SPF/DKIM/DMARC), OAuth app control, and external sharing restrictions. Activates for requests involving Google Workspace hardening, G Suite security configuration, or cloud office security administration.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-google-workspace-sso-configuration Configure SAML 2.0 single sign-on for Google Workspace with a third-party identity provider, enabling centralized authentication and enforcing organization-wide access policies.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-hashicorp-vault-dynamic-secrets Implements HashiCorp Vault dynamic secrets engines for database credentials, AWS IAM keys, and PKI certificates with automatic generation, lease management, and credential rotation to eliminate static secrets in application configurations. Activates for requests involving Vault secrets engine configuration, dynamic database credentials, ephemeral cloud credentials, or automated secret rotation.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-honeytokens-for-breach-detection Deploys canary tokens and honeytokens (fake AWS credentials, DNS canaries, document beacons, database records) that trigger alerts when accessed by attackers. Uses the Canarytokens API and custom webhook integrations for breach detection. Use when building deception-based early warning systems for intrusion detection.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-mobile-application-management Implements Mobile Application Management (MAM) policies to protect enterprise data on managed and unmanaged mobile devices through app-level controls including data loss prevention, selective wipe, app configuration, and containerization. Use when securing corporate apps on BYOD devices, implementing Intune App Protection Policies, or enforcing data separation between personal and work apps. Activates for requests involving MAM deployment, app protection policies, mobile containerization, or BYOD security.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-llm-guardrails-for-security Implements input and output validation guardrails for LLM-powered applications to prevent prompt injection, data leakage, toxic content generation, and hallucinated outputs. Builds a security validation pipeline using NVIDIA NeMo Guardrails Colang definitions, custom Python validators for PII detection and content policy enforcement, and the Guardrails AI framework for structured output validation. The guardrails system intercepts both user inputs (blocking injection attempts, stripping PII, enforcing topic boundaries) and model outputs (detecting hallucinations, filtering toxic content, validating JSON schema compliance). Activates for requests involving LLM output validation, AI content filtering, guardrail implementation, or LLM safety enforcement.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-log-forwarding-with-fluentd Configure Fluentd and Fluent Bit for centralized log aggregation, routing, filtering, and enrichment across distributed infrastructure
mukul975/Anthropic-Cybersecurity-Skills 4,300
testing-for-xss-vulnerabilities-with-burpsuite Identifying and validating cross-site scripting vulnerabilities using Burp Suite's scanner, intruder, and repeater tools during authorized security assessments.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-ot-network-traffic-analysis-with-nozomi Deploy Nozomi Networks Guardian sensors for passive OT network traffic analysis to achieve comprehensive asset visibility, real-time threat detection, and vulnerability assessment across industrial control systems without disrupting operations, leveraging behavioral anomaly detection and protocol-aware monitoring.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-network-traffic-analysis-with-arkime Deploy and query Arkime (formerly Moloch) for full packet capture network traffic analysis. Uses the Arkime API v3 to search sessions, download PCAPs, analyze connection patterns, detect beaconing behavior, and identify suspicious network flows. Monitors DNS queries, HTTP traffic, and TLS certificate anomalies across captured traffic.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-kubernetes-network-policy-with-calico Implement Kubernetes network segmentation using Calico NetworkPolicy and GlobalNetworkPolicy for zero-trust pod-to-pod communication.
mukul975/Anthropic-Cybersecurity-Skills 4,300