security▌

$21

Specialized workflow for testing REST and GraphQL API security including authentication, authorization, rate limiting, input validation, and API-specific vulnerabilities.

Implement comprehensive HTTP security headers to protect web applications from XSS, clickjacking, MIME sniffing, and other browser-based attacks.

Manage network security policies for Elastic Cloud Serverless projects: IP filters to allowlist specific IPs or CIDRs, and VPC filters (AWS PrivateLink) to restrict traffic to specific VPC endpoints.

Analyze Elastic Security alerts one at a time: gather context, classify, create a case, and acknowledge. This skill depends on the case-management skill for case creation.

Create new detection rules for emerging threats and coverage gaps, and tune existing rules to reduce false positives. All operations use the Kibana Detection Engine API via rule-manager.js.

symfony:api-platform-security

Generate ECS-compliant security events, multi-step attack scenarios, and synthetic alert documents that populate Elastic Security dashboards, the Alerts tab, and Attack Discovery.

Static Application Security Testing (SAST) for comprehensive code vulnerability detection across multiple languages, frameworks, and security patterns.

Manage SOC cases through the Kibana Cases API. All cases are scoped to securitySolution — this skill operates exclusively within Elastic Security. Cases appear in Kibana Security and can be assigned to analysts, linked to alerts, and pushed to external incident management systems via connectors.