Total 50,504 skills, Security & Compliance has 1972 skills
Showing 12 of 1972 skills
Guides structured security log analysis across authentication, network, endpoint, and cloud audit log sources. Auto-invoked when the user shares log data, asks about suspicious events, needs help interpreting Windows Event IDs or Linux auth logs, or is establishing baselines for anomaly detection. Produces log source taxonomy, anomaly identification, baseline recommendations, and correlation findings mapped to MITRE ATT&CK v16 techniques.
Comprehensive security review framework for AI agents to audit skills, repositories, URLs, on-chain addresses, and services in adversarial environments
Guides compliance with Brazil's Lei Geral de Proteção de Dados (LGPD, Lei 13.709/2018). Covers the 10 lawful bases under Art. 7, DPO appointment, ANPD enforcement, data subject rights under Arts. 17-22, and international transfer mechanisms. Keywords: LGPD, Brazil data protection, ANPD, lawful bases, data subject rights, international transfers.
Interact with the Infisical REST API to manage secrets, projects, environments, machine identities, and more. Supports secret CRUD operations, machine identity authentication, pagination, and rate limiting on cloud deployments.
Guide identification, measurement, and management of operational risk in trading and brokerage operations. Use when designing trade error detection and correction procedures, investigating trade breaks and reconciliation failures, classifying loss events under Basel taxonomy, developing key risk indicators (KRIs) and dashboards, responding to system outages or data feed failures or order routing errors, conducting root cause analysis after a trade error or settlement fail, planning business continuity and disaster recovery for trading desks, preparing for FINRA or SEC operational risk examinations, or assessing technology risk in OMS and market data systems. Also covers fat-finger errors, error account P&L, and corrective action tracking.
Re-source IDA binaries. Use when asked for recursive annotation, structure recovery, type reconstruction, or bottom-up program understanding.
Triage and audit IDA binaries. Use when asked to analyze a binary, find suspicious behavior, detect crypto/network activity, review decompiled code against source, or run multi-table queries.
Guides OT/ICS and SCADA cyber security—Purdue zones, IEC 62443 and NIST SP 800-82 (practitioner), OT asset inventory (PLCs, RTUs, HMIs, historians), secure remote access, OT patch/vuln management, ICS protocol monitoring (Modbus, DNP3, OPC, BACnet high level), safety-first IR, OT threat classes (TRITON, Industroyer), hardening roadmaps, IT/OT convergence. Use for OT program scope, ICS segmentation, OT vuln/patch, detection/IR playbooks, vendor remote access, IEC 62443 or NIST 800-82 gaps—not IT network pentest (network-pentester), web apps (web-pentester), HIL bench only (hardware-in-the-loop-security-tester), GRC only (compliance-specialist), SOC triage (soc-analyst), or IT IR without OT safety (incident-responder). Safety over aggressive testing; no unsafe live-plant steps.
Guides cloud compliance—mapping SOC 2, ISO 27001, HIPAA, PCI DSS, FedRAMP, and data-residency requirements to cloud controls; collecting audit evidence from AWS, GCP, and Azure APIs; shared-responsibility narratives; CSPM/Config continuous monitoring; customer assurance questionnaires (CAIQ/SIG); and cloud-specific gap remediation before attestations. Use when scoping regulated workloads in cloud, preparing cloud control evidence for auditors, interpreting provider compliance artifacts (BAA, PCI AOC, FedRAMP packages), or proving residency and logging in multi-account estates—not for org-wide GRC programs and audit coordination without cloud evidence (compliance-specialist), non-cloud systems evidence automation (compliance-engineer), implementing security guardrails (cloud-security-engineer), legal DPAs or contract redlines (commercial-counsel), security strategy (cybersecurity), or CI pipeline gates only (devsecops).
This skill should be used when the user asks to draft or structure STR reports, suspicious transaction reports, SAR, suspicious activity reports, draft STR, STR narrative, file suspicious activity, AML STR, goAML, FinCEN SAR, suspicion narrative, or MLRO report. Guides jurisdiction-agnostic STR/SAR drafting—narrative structure (who, what, when, where, why suspicious), red flags and typologies, transaction aggregation and chronology, subject identification fields, supporting documentation checklists, quality review before filing, and escalation to MLRO/compliance—not TM rule building (aml-compliance), full LE case management, legal filing duty determination (commercial-counsel), or deep blockchain tracing (blockint skills). Complements aml-compliance, aml-cft, auditor, compliance-engineer, and commercial-counsel.
Guides security assessment of embedded and cyber-physical systems on hardware-in-the-loop (HIL) test benches—bench setup, ECU/ECM or PLC targets, bus interfaces (CAN/CAN-FD, LIN, automotive Ethernet, Modbus at high level), fault injection and stimulus design, simulated plant/environment integration, attack-surface monitoring on real hardware, reproducible test cases, lab safety interlocks, and evidence capture for firmware and vehicle security teams. Use for HIL security testing, ECU security assessment, CAN bus security, PLC HIL test, fault injection lab, embedded hardware security—not web/API pentest (web-pentester), network-only pentest (network-pentester), malware/binary RE only (reverse-engineer), SOC operations (soc-analyst), AI red team (ai-redteam), classified ISSO paperwork (information-systems-security-officer-classified-specialist), or pure software CI without hardware (build-validator).
Guides secure software delivery and DevSecOps for cleared/classified or high-side programs—disconnected or air-gapped CI/CD, artifact promotion across classification boundaries (conceptual), SBOM/signing/ provenance, SAST/DAST/secrets/IaC/container gates, supply-chain controls, STIG/CIS deploy baselines, IaC for classified landing zones, cleared developer workstations, build/deploy audit logging, and ATO/RMF pipeline evidence (not SSP ownership). Use for classified DevSecOps, cleared pipeline, high-side CI/CD, air-gapped build, cross-domain release, classified software delivery, STIG pipeline, ATO evidence CI, SBOM classified, secure software factory—not portfolio cyber governance (classified-cyber-security-senior-manager), ISSO/SSP (information-systems-security-officer-classified-specialist), commercial-only DevSecOps (devsecops), general DevOps (devops), build-only validation (build-validator), pentest (penetration-tester), or enterprise GRC-only (compliance-specialist).