CISA
Skill packages tagged with “CISA”
Backup Immutability Auditor (CISA CPG 3.1)
Document and validate CISA CPG 3.1 Offline Backup & Verification Log: air-gapped or immutable backups so even a Global Admin cannot delete secondary copies, plus periodic Test Restore Log evidence (e.g. every 30 days).
CISA Circular Formatter (CPG 7.1)
Format incident data for CISA and SRMA reporting under CPG 7.1 and CIRCIA. Enforces 72-hour (covered incident) and 24-hour (ransomware) notification windows and validates Information Requirements so the first report is complete.
MFA Exception Rationalizer (CISA CPG 1.1)
Document the transition to phishing-resistant MFA and draft MFA-exception rationales for Critical Infrastructure. Identifies legacy systems that cannot support MFA, proposes compensating controls (e.g. jump hosts), and validates authentication hardware against the FIDO2 standard required by CPG 1.1.
NIST Password Logic Adapter (CISA CPG 1.2)
Rewrite legacy password policies to prioritize length and entropy over complexity and aging, and draft the Compromised Password Detection Protocol. Aligns with NIST SP 800-63B and CISA CPG 1.2; validates that procedures include a recurring check against leaked-credential APIs (e.g. Have I Been Pwned).
OT Asset Integrity Register (CISA CPG 2.1)
Maintain and validate an OT Asset Integrity Register for CISA CPG 2.1: catalog ICS, PLCs, HMIs, and sensors with firmware versions and physical locations; link assets to CISA KEV and vendor advisories (Siemens, Rockwell, etc.); cross-reference inventory with network discovery to flag unauthorized devices.
Privilege Training Mapper (CISA CPG 4.3)
Map privileged job functions to role-specific training modules and validate training compliance. Cross-reference the Privileged User List with the HR training log to flag missing or overdue certifications.
Purdue Level Mapper (CISA CPG 2.2)
IT/OT network segmentation aligned to CISA CPG 2.2 and the Purdue Model. Map assets to Levels 0–5, draft security requirements for each level transition, and validate that there is no direct Business-to-PLC path without a DMZ.
Safe Harbor Drafter (CISA CPG 5.1 VDP)
Draft and validate a Vulnerability Disclosure Policy (VDP) with CISA-aligned Safe Harbor language and RFC 9116–compliant reporting. Ensures researcher protection and a clear reporting mechanism.