security▌

Comprehensive guide for implementing NetworkPolicy, PodSecurityPolicy, RBAC, and Pod Security Standards in Kubernetes.

This skill provides a description of how to identify the language and frameworks used by the current context, and then to load information from this skill's references directory about the security best practices for this language and or frameworks.

Comprehensive security patterns for building hardened applications. Each category has individual rule files in rules/ loaded on-demand.

Specialized workflow for testing REST and GraphQL API security including authentication, authorization, rate limiting, input validation, and API-specific vulnerabilities.

Implement comprehensive HTTP security headers to protect web applications from XSS, clickjacking, MIME sniffing, and other browser-based attacks.

Manage network security policies for Elastic Cloud Serverless projects: IP filters to allowlist specific IPs or CIDRs, and VPC filters (AWS PrivateLink) to restrict traffic to specific VPC endpoints.

symfony:api-platform-security

Create new detection rules for emerging threats and coverage gaps, and tune existing rules to reduce false positives. All operations use the Kibana Detection Engine API via rule-manager.js.

Analyze Elastic Security alerts one at a time: gather context, classify, create a case, and acknowledge. This skill depends on the case-management skill for case creation.

Static Application Security Testing (SAST) for comprehensive code vulnerability detection across multiple languages, frameworks, and security patterns.