Initial commit - 611 cybersecurity skills across all subdomains

skills/implementing-gcp-binary-authorization/references/standards.md

@@ -0,0 +1,15 @@
+# Standards - GCP Binary Authorization
+
+## SLSA Framework Levels
+- SLSA 1: Documentation of build process
+- SLSA 2: Tamper resistance of build service
+- SLSA 3: Extra resistance to threats
+- SLSA 4: Highest levels of confidence and trust
+
+## NIST 800-53
+- SA-10: Developer Configuration Management
+- SA-12: Supply Chain Protection
+- SI-7: Software, Firmware, and Information Integrity
+
+## CIS GKE Benchmark
+- 6.10.4: Ensure Binary Authorization is enabled for GKE clusters

skills/implementing-gcp-binary-authorization/references/workflows.md

@@ -0,0 +1,22 @@
+# Workflows - GCP Binary Authorization
+
+## Attestation Pipeline
+```
+1. Developer pushes code
+2. Cloud Build triggers container build
+3. Vulnerability scan runs on built image
+4. If scan passes → Create cryptographic attestation
+5. Push attested image to registry
+6. GKE validates attestation at deploy time
+7. Continuous validation monitors running pods
+```
+
+## Break-Glass Procedure
+```
+1. Emergency identified → Create incident ticket
+2. Apply break-glass annotation to pod spec
+3. Deploy with override documented
+4. Alert security team of break-glass usage
+5. Post-incident: Review and attest emergency image
+6. Remove break-glass annotation
+```