Claude Security Skills (Page 17 of 44)

Security auditing, penetration testing, vulnerability scanning, OWASP, cloud security, and compliance skills for Claude Code.

2,612 skills · updated 2026-05-02 · showing 961–1020 of 2,612 by quality score

Turns npm audit/Snyk results into prioritized patch plans with severity assessment, safe upgrade paths, breaking change analysis, and rollback strategies.
Score 70/100
Deploys canary files (honeytokens) across file systems to detect ransomware encryption activity in real time.
Score 70/100
Deploys and configures CrowdStrike Falcon EDR agents across enterprise endpoints to enable real-time threat
Score 70/100
Deploys and monitors ransomware canary files across critical directories using Python's watchdog library for
Score 70/100
Query the Cancer Dependency Map (DepMap) for cancer cell line gene dependency scores (CRISPR Chronos), drug sensitivity data, and gene effect profiles.
Score 70/100
Use when hardening npm supply chain, pinning dependency versions, adding .npmrc security flags, or setting up Renovate and audit workflows.
Score 70/100
Dependency-upgrade campaign — outdated scan, batch-by-severity, breaking-change remediation, lockfile audit.
Score 70/100
Parallel design review by 6 specialist agents (PM, Architect, Designer, Security Design, UX, CTO) with mandatory unanimous approval.
Score 70/100
Copilot agent that assists with systematic design review using ATAM (Architecture Tradeoff Analysis Method), SOLID principles, design patterns, coupling/cohesion analysis, error…
Score 70/100
Designs backend API error contracts with a REST-default approach using RFC 9457 Problem Details, stable machine-readable codes, retry semantics, validation error payloads,…
Score 70/100
Detect hardcoded secrets, API keys, passwords, and credentials in source code. Security audit for leaked secrets. Works across all languages.
Score 70/100
Detects prompt injection attacks targeting LLM-based applications using a multi-layered defense combining regex
Score 70/100
Detect and prevent API enumeration attacks including BOLA and IDOR exploitation by monitoring sequential identifier
Score 70/100
Detects arbitrary read vulnerabilities by identifying unchecked array indexing and out-of-bounds memory access.
Score 70/100
Detects arbitrary write vulnerabilities by identifying unchecked array indexing and out-of-bounds memory writes.
Score 70/100
Detect and prevent ARP spoofing attacks using ARPWatch, Dynamic ARP Inspection, Wireshark analysis, and custom
Score 70/100
Detect cyber attacks targeting OT historian servers (OSIsoft PI, Ignition, Wonderware) that sit at the IT/OT
Score 70/100
Detects and analyzes Bluetooth Low Energy (BLE) security attacks including sniffing, replay attacks, GATT enumeration
Score 70/100
Detect and test for OWASP API3:2023 Broken Object Property Level Authorization vulnerabilities including excessive
Score 70/100
Detects stack and heap buffer overflow vulnerabilities in binary code by identifying unsafe memory operations.
Score 70/100
Business Email Compromise (BEC) is a sophisticated fraud scheme where attackers impersonate executives, vendors,
Score 70/100
Deploy AI and NLP-powered detection systems to identify business email compromise attacks by analyzing writing
Score 70/100
Detects OS command injection vulnerabilities by identifying unsafe system/popen/exec calls with user-controlled input.
Score 70/100
Detecting compromised cloud credentials across AWS, Azure, and GCP by analyzing anomalous API activity, impossible
Score 70/100
Container escape is a critical attack technique where an adversary breaks out of container isolation to access
Score 70/100
Detect container escape attempts in real-time using Falco runtime security rules that monitor syscalls, file
Score 70/100
Detect DCSync attacks where adversaries abuse Active Directory replication privileges to extract password hashes
Score 70/100
Detects AI-generated deepfake audio used in voice phishing (vishing) attacks by extracting spectral features
Score 70/100
Detect DLL side-loading attacks where adversaries place malicious DLLs alongside legitimate applications to hijack
Score 70/100
Detects double free vulnerabilities by identifying attempts to free the same memory block twice. Use when analyzing memory management, cleanup paths, or investigating heap…
Score 70/100
Detect malicious email forwarding rules created by adversaries to maintain persistent access to email communications
Score 70/100
Detects fileless malware and in-memory attacks that execute entirely in RAM without writing persistent files
Score 70/100
Detects and analyzes fileless malware that operates entirely in memory using PowerShell, WMI, .NET reflection,
Score 70/100
Detects format string vulnerabilities by identifying unsafe printf family function calls with user-controlled format strings.
Score 70/100
Detect Golden Ticket attacks in Active Directory by analyzing Kerberos TGT anomalies including mismatched encryption
Score 70/100
Detect Kerberos Golden Ticket forgery by analyzing Windows Event ID 4769 for RC4 encryption downgrades (0x17),
Score 70/100
Detects information disclosure vulnerabilities including sensitive data in logs, error message exposure, and memory leaks.
Score 70/100
Detects various injection vulnerabilities including SQL injection, LDAP injection, XPath injection, and code injection.
Score 70/100
Detect insider threat behavioral indicators including unusual data access, off-hours activity, mass file downloads,
Score 70/100
Implement User and Entity Behavior Analytics using Elasticsearch/OpenSearch to build behavioral baselines, calculate
Score 70/100
Detects integer overflow and underflow vulnerabilities in arithmetic operations used for buffer sizing or allocation.
Score 70/100
Detect Kerberoasting attacks by monitoring for anomalous Kerberos TGS requests targeting service accounts with
Score 70/100
Detect adversary lateral movement across networks using Splunk SPL queries against Windows authentication logs,
Score 70/100
Detect abuse of legitimate Windows binaries (LOLBins) used for living off the land attacks. Monitors process
Score 70/100
Detects logic bypass vulnerabilities including authentication bypass, authorization bypass, and business logic flaws.
Score 70/100
Detects various memory corruption vulnerabilities beyond simple buffer overflows including heap overflow, stack smashing, and double free.
Score 70/100
Detects and analyzes malicious behavior in mobile applications through behavioral analysis, permission abuse
Score 70/100
Detect command injection attacks against Modbus TCP/RTU protocol in ICS environments by monitoring for unauthorized
Score 70/100
Deploys and configures Zeek (formerly Bro) network security monitor to passively analyze network traffic, generate
Score 70/100
Detect network reconnaissance and port scanning using Suricata and Snort IDS signatures, threshold-based detection
Score 70/100
Detect NTLM relay attacks through Windows Security Event correlation by analyzing Event 4624 LogonType 3 for
Score 70/100
Detects null pointer dereference vulnerabilities by identifying unchecked pointer usage and missing validation.
Score 70/100
Detects and responds to OAuth token theft and replay attacks in cloud environments, focusing on Microsoft Entra
Score 70/100
Detect Pass-the-Hash attacks by analyzing NTLM authentication patterns, identifying Type 3 logons with NTLM where
Score 70/100
Detect Kerberos Pass-the-Ticket (PtT) attacks by analyzing Windows Event IDs 4768, 4769, and 4771 for anomalous
Score 70/100
Configures Fail2ban with custom filters and actions to detect port scanning activity, SSH brute force attempts,
Score 70/100
Detects privilege escalation vulnerabilities including setuid/setgid abuse, permission check bypasses, and unsafe privilege management.
Score 70/100
Detects and analyzes process injection techniques used by malware including classic DLL injection, process hollowing,
Score 70/100
Detect and prevent QR code phishing (quishing) attacks that bypass traditional email security by embedding malicious
Score 70/100
Detects race condition vulnerabilities including TOCTOU, double-checked locking issues, and shared state problems.
Score 70/100