Integrate FIRST's Exploit Prediction Scoring System (EPSS) API to prioritize vulnerability remediation based
Score 70/100
Configure AIDE (Advanced Intrusion Detection Environment) for file integrity monitoring including baseline creation,
Score 70/100
Implementing and auditing GCP VPC firewall rules to enforce network segmentation, restrict ingress and egress
Score 70/100
Configure GitHub Advanced Security with CodeQL to perform automated static analysis and vulnerability detection
Score 70/100
Implements comprehensive Google Workspace security hardening including admin console configuration, phishing-resistant
Score 70/100
Configure Google Workspace advanced phishing and malware protection settings including pre-delivery scanning,
Score 70/100
Implements FIDO2/WebAuthn hardware security key authentication including registration ceremonies, authentication
Score 70/100
Implements HashiCorp Vault dynamic secrets engines for database credentials, AWS IAM keys, and PKI certificates
Score 70/100
Deploys canary files, honeypot shares, and decoy systems to detect ransomware activity at the earliest possible
Score 70/100
Deploys canary tokens and honeytokens (fake AWS credentials, DNS canaries, document beacons, database records)
Score 70/100
Deploy and configure Tofino industrial firewalls from Belden/Hirschmann to protect SCADA systems and PLCs using
Score 70/100
Implement continuous identity verification for zero trust using phishing-resistant MFA (FIDO2/WebAuthn), risk-based
Score 70/100
Implements immutable backup strategy using restic with S3-compatible storage and object lock for ransomware-resistant
Score 70/100
Pod Security Standards (PSS) define three levels of security policies -- Privileged, Baseline, and Restricted
Score 70/100
Implements input and output validation guardrails for LLM-powered applications to prevent prompt injection,
Score 70/100
Deploy Mimecast Targeted Threat Protection including URL Protect, Attachment Protect, Impersonation Protect,
Score 70/100
Implement MITRE ATT&CK coverage mapping to identify detection gaps, prioritize rule development, and measure
Score 70/100
Configures mutual TLS (mTLS) authentication between microservices using Python cryptography library for certificate
Score 70/100
Deploy and configure Suricata as a network intrusion prevention system with custom rules, Emerging Threats rulesets,
Score 70/100
Design and implement network segmentation using firewall security zones, VLANs, ACLs, and microsegmentation policies
Score 70/100
Configure and deploy Palo Alto Networks next-generation firewalls with App-ID, User-ID, zone-based policies,
Score 70/100
Implements passwordless authentication using Microsoft Entra ID with FIDO2 security keys, Windows Hello for
Score 70/100
Deploy FIDO2/WebAuthn passwordless authentication using security keys and platform authenticators. Covers WebAuthn
Score 70/100
Implement Kubernetes Pod Security Admission to enforce baseline and restricted security profiles at namespace
Score 70/100
Deploy CyberArk Privileged Access Management to discover, vault, rotate, and monitor privileged credentials across
Score 70/100
Deploy and configure Proofpoint Email Protection as a secure email gateway to detect and block phishing, malware,
Score 70/100
Designs and implements a ransomware-resilient backup strategy following the 3-2-1-1-0 methodology (3 copies,
Score 70/100
Detects and exploits ransomware kill switch mechanisms including mutex-based execution guards, domain-based
Score 70/100
Deploy and configure Rapid7 InsightVM Security Console and Scan Engines for authenticated and unauthenticated
Score 70/100
RSA (Rivest-Shamir-Adleman) is the most widely deployed asymmetric cryptographic algorithm, used for digital
Score 70/100
Deploy Runtime Application Self-Protection (RASP) agents to detect and block attacks from within application
Score 70/100
Implement eBPF-based runtime security observability and enforcement in Kubernetes clusters using Cilium Tetragon
Score 70/100
Implements security chaos engineering experiments that deliberately disable or degrade security controls to
Score 70/100
Create, validate, and share STIX 2.1 threat intelligence objects using the stix2 Python library. Covers indicators,
Score 70/100
Implements security monitoring using Datadog Cloud SIEM, Cloud Security Management (CSM), and Workload Protection
Score 70/100
Write custom Semgrep SAST rules in YAML to detect application-specific vulnerabilities, enforce coding standards,
Score 70/100
Write multi-event correlation rules that detect APT lateral movement by chaining Windows authentication events,
Score 70/100
Tune SIEM detection rules to reduce false positives by analyzing alert volumes, creating whitelists, adjusting
Score 70/100
Implements SIEM detection use cases by designing correlation rules, threshold alerts, and behavioral analytics
Score 70/100
Implements Security Orchestration, Automation, and Response (SOAR) workflows using Splunk SOAR (formerly Phantom)
Score 70/100
Automate phishing incident response using Splunk SOAR REST API to create containers, add artifacts, and trigger
Score 70/100
Implement automated incident response playbooks in Cortex XSOAR to orchestrate security workflows across SOC
Score 70/100
STIX (Structured Threat Information eXpression) and TAXII (Trusted Automated eXchange of Intelligence Information)
Score 70/100
Implement software supply chain integrity verification for container builds using the in-toto framework to create
Score 70/100
Configure rsyslog for centralized log collection with TLS encryption, custom templates, and log rotation. Generates
Score 70/100
Deploy and configure an OpenTAXII server to share and consume STIX-formatted cyber threat intelligence using
Score 70/100
Implement a structured threat intelligence lifecycle encompassing planning, collection, processing, analysis,
Score 70/100
Implements threat modeling using the MITRE ATT&CK framework to map adversary TTPs against organizational assets,
Score 70/100
Implements an integrated incident ticketing system connecting SIEM alerts to ServiceNow, Jira, or TheHive for
Score 70/100
Configure TLS certificates and encryption for secure communications. Use when setting up HTTPS, securing service-to-service connections, implementing mutual TLS (mTLS), or…
Score 70/100
Deploy and operate Greenbone/OpenVAS vulnerability management using the python-gvm library to create scan targets,
Score 70/100
Vulnerability remediation SLAs define mandatory timeframes for patching or mitigating identified vulnerabilities
Score 70/100
Build automated alerting for vulnerability remediation SLA breaches with severity-based timelines, escalation
Score 70/100
Configure ModSecurity WAF with OWASP Core Rule Set (CRS) for web application logging, tune rules to reduce false
Score 70/100
Scan for reports that have not yet been copied into as tracking issues, present the proposed imports to the user, and — defaulting to *import unless the…
Score 70/100
Open one or more `` tracking issues from a markdown file containing a batch of security findings (typically the output of an AI security review or a third-party scanner).
Score 70/100
Open a tracking issue in for a security-relevant fix that has already been opened (or merged) as a public PR in , in the case where there is no inbound…
Score 70/100
Expert at automatically applying improvements to Claude Code components based on quality analysis. Enhances descriptions, optimizes tool permissions, strengthens security, and…
Score 70/100
Apply IN10 Red Teaming to organize adversarial review to find vulnerabilities through simulated attack.
Score 70/100
Expert guidance for building and maintaining the Para Obsidian inbox processing system - a security-hardened automation framework for processing PDFs and attachments with…
Score 70/100