by mukul975
detecting-container-escape-with-falco-rules helps detect container escape attempts with Falco runtime security rules. It focuses on syscall signals, privileged containers, host-path abuse, validation, and incident response workflows for Kubernetes and Linux container environments.
by mukul975
building-devsecops-pipeline-with-gitlab-ci helps you design and implement a GitLab CI/CD DevSecOps pipeline with SAST, DAST, container scanning, dependency scanning, secret detection, and license checks. It is useful for install, usage, and security audit workflows, with guidance grounded in GitLab templates, variables, and pipeline structure.
by mukul975
analyzing-kubernetes-audit-logs is a Kubernetes security analysis skill for turning API server audit logs into actionable findings. Use it to investigate exec into pods, secret access, RBAC changes, privileged workloads, and anonymous API access, or to build detection rules and triage summaries from JSON lines audit data.
by mukul975
analyzing-docker-container-forensics helps investigate compromised Docker containers by analyzing images, layers, volumes, logs, and runtime artifacts to identify malicious activity and preserve evidence. Use this analyzing-docker-container-forensics skill for a Security Audit, incident review, or container hardening assessment.
