Can I use this skill for container security?

Yes, it includes best practices for secure Dockerfile patterns using Chainguard images and vulnerability scanning workflows using tools like Trivy and Grype.

Does it support incident response?

Absolutely. It includes a detailed playbook covering Detection, Containment, Eradication, Recovery, and Lessons Learned to minimize mean-time-to-resolution (MTTR).

How does this skill help with regulatory compliance?

It provides automated evidence collection patterns, continuous monitoring strategies, and specific checklists for frameworks like SOC 2, HIPAA, GDPR, and ISO 27001.

What is the STRIDE model mentioned in the skill?

STRIDE is a threat modeling framework used to identify Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege.

Security Operations & Compliance

Name: Security Operations & Compliance
Author: hyperb1iss

byhyperb1iss

0•

보안 및 테스팅

Secures software systems through every phase of the lifecycle, from design-time threat modeling to real-time incident response.

This skill equips Claude with specialized knowledge for performing deep security audits, penetration testing, and compliance mapping. It integrates industry-standard frameworks like STRIDE for threat modeling and OWASP for code reviews, while providing technical implementations for Zero Trust architecture, SBOM generation, and container hardening. Whether you are automating SOC 2 evidence collection, implementing eBPF-based runtime security with Tetragon, or executing a rapid incident response playbook, this skill provides the structured guidance and best practices needed to maintain a high-integrity security posture.

주요 기능

01Container and runtime security patterns using Trivy, Chainguard, and eBPF.

02OWASP Top 10 aligned code security review checklists and vulnerability scanning.

03Automated compliance guidance for SOC 2, HIPAA, GDPR, and ISO 27001.

04Comprehensive threat modeling using the STRIDE framework and Zero Trust principles.

05Supply chain security with SBOM generation and SLSA framework implementation.

060 GitHub stars

사용 사례

01Conducting a pre-deployment security audit to identify OWASP vulnerabilities.

02Executing a structured 5-phase incident response plan during a security event.

03Generating and scanning Software Bill of Materials (SBOM) for supply chain integrity.

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add hyperb1iss/hyperskills security

For use in Claude.ai and ChatGPT

Download Skill