Explore AI Agent Skills & Claude Prompts

External Attack Surface Management (EASM) specialist for CyberRadar. Discovers and monitors internet-facing assets: DNS enumeration, subdomain discovery, SSL/TLS certificate monitoring, open port detection, web technology fingerprinting, shadow IT identification, and external exposure scoring. Operates on both tenant's own infrastructure and vendor infrastructure (for TPRM external monitoring). Triggers on: attack surface, external scanning, DNS, subdomain, SSL, TLS, open ports, shadow IT, EASM, external risk, exposure.

crq-engineer

Cyber Risk Quantification engineer for CyberRadar. Implements FAIR (Factor Analysis of Information Risk) methodology, Monte Carlo simulation for loss distribution modeling, financial impact quantification in multi-currency (SAR, USD, EUR, GBP), loss exceedance curves, risk treatment ROI calculation, insurance premium optimization, and board-ready financial risk reporting. Transforms qualitative risk assessments into monetary terms for executive decision-making. Triggers on: CRQ, FAIR, Monte Carlo, financial impact, loss modeling, risk quantification, cyber insurance, risk treatment ROI, financial risk.

cspm-engineer

Cloud Security Posture Management engineer for CyberRadar. Builds the unified posture assessment engine across 4 clouds (AWS, Azure, GCP, OCI) in 3 modes: standalone (direct API scanning), connector-fed (from customer tools like Qualys/Tenable/Prisma), and hybrid (both, with deduplication). Covers CIS benchmark evaluation, cloud misconfiguration detection, IAM posture analysis, encryption gap detection, and network exposure assessment. Produces normalized posture findings that wire into risk register, control effectiveness, compliance scoring, evidence generation, and Cyber Score computation. Triggers on: CSPM, cloud posture, cloud scanning, CIS benchmarks, misconfiguration, cloud security, asset discovery, posture assessment, security posture management.

cyber-score-architect

Unified organizational posture scoring architect for CyberRadar. Designs and implements the Cyber Score — a single 0-100 metric aggregating compliance posture, control effectiveness, evidence freshness, vulnerability exposure, vendor risk, policy coverage, and CSPM findings. Supports drill-down from score → dimension → entity → evidence. Score versioning, explainability, historical trending, and board-ready visualization. Triggers on: cyber score, posture score, risk score, organizational score, security rating, compliance score, unified score, drill-down, score dimensions.

kri-engineer

Key Risk Indicator engine builder for CyberRadar. Designs KRI definitions with formula builder, threshold configuration (green/amber/red), automated alerting on breach, trend tracking with forecasting, dashboard widgets, escalation workflows, and board report integration. KRIs aggregate signals from all platform modules (CSPM, CRQ, compliance, vendor risk, evidence, vulnerabilities) into governance-level risk signals. Triggers on: KRI, key risk indicator, threshold, risk indicator, risk signal, risk alerting, risk threshold, risk dashboard, risk trend.

multi-entity-governance

Multi-entity governance architect for CyberRadar. Enables holding companies and multi-subsidiary organizations to manage compliance, risk, and security posture across multiple legal entities with parent-child tenant relationships, entity-level and consolidated roll-up dashboards, group CISO views, cross-entity benchmarking, and unified board reporting. Supports Saudi group structures (holding → subsidiaries) and global enterprises (HQ → regional entities → local operations). Triggers on: multi-entity, holding company, subsidiary, parent tenant, group CISO, consolidated dashboard, roll-up, entity governance, group compliance, multi-subsidiary.

platform-intelligence-architect

Cross-entity data correlation, enrichment, and analytics architect for CyberRadar. Builds the intelligence layer that connects all 20+ services into coherent customer and admin dashboards. Covers: cross-service data correlation (risk→control→evidence→asset →framework→vendor chains), computed metric enrichment, role-based customer dashboards (CISO, CCO, CRO, Board), PDPL-compliant admin dashboards (anonymized cross-tenant analytics, platform health, usage, revenue), data residency enforcement, and DSAR (Data Subject Access Request) support. Triggers on: data correlation, enrichment, dashboard, admin analytics, PDPL, data privacy, DSAR, cross-entity, platform analytics, customer dashboard, admin dashboard, anonymization.

policy-lifecycle-analyst

Policy and procedure lifecycle management specialist for CyberRadar. Covers full policy lifecycle: template library (500+ mapped to SCF/frameworks), rich text policy editor with version control, policy-to-control-to-framework mapping, policy gap analysis, approval workflows (integrates with existing approval chains), distribution and acknowledgment tracking, policy refresh scheduling, AI-assisted policy generation hooks, and policy compliance scoring that feeds into Cyber Score. Triggers on: policy, procedure, policy template, policy gap, policy approval, policy version, policy distribution, policy acknowledgment, policy generation, policy compliance.

scenario-modeler

Interactive risk scenario modeling engine for CyberRadar. Builds what-if analysis capabilities: "if we implement control X, how does Cyber Score change?", "if threat Y materializes, what's the financial impact?", "if vendor Z is breached, what's our exposure?" Combines CRQ engine, Cyber Score simulator, control effectiveness projections, and treatment comparison. Supports scenario saving, comparison, and board presentation. Triggers on: what-if, scenario, simulation, risk modeling, treatment comparison, impact analysis, risk scenario, threat modeling, control simulation.

vulnerability-analyst

Vulnerability management specialist for CyberRadar. Manages CVE database synchronization (NVD/MITRE), CVSS scoring, EPSS exploitability prediction, vulnerability prioritization using context (asset criticality + business impact + exploitability + threat intelligence), patch recommendation engine, vulnerability lifecycle tracking, SLA enforcement, and integration with CSPM findings and risk register. Triggers on: vulnerability, CVE, CVSS, EPSS, patch management, vulnerability prioritization, NVD, exploit, remediation SLA.

sales-engineer

Use this agent when you need to conduct technical pre-sales activities including solution architecture, proof-of-concept development, and technical demonstrations for complex sales deals. Triggers on: conduct, technical, pre-sales, activities, including, solution, architecture, proof-of-concept, development, demonstrations, complex, sales, deals.

canonical-schema-architect

Principal Canonical Schema & Normalization Architect. Designs canonical object models and normalization rules for multi-source data — findings, assets, identities, controls, evidence, transactions, and entities. Produces versioned schemas (Zod/JSON Schema), severity/status normalization tables, deterministic ID generation, entity resolution and deduplication rules, backwards-compatible evolution policies, and mapping guides for connector teams. Triggers on: canonical schema, normalization, entity resolution, deduplication, schema evolution, mapping rules, data model, canonical object, multi-source data, schema versioning, conflict resolution, severity normalization, status mapping, deterministic id, backwards compatible, additive evolution, schema migration.