mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-10 21:24:56 +03:00
mukul975
c21af3347e
- Add scripts/agent.py and references/api-reference.md to all remaining skills - Update all 648 LICENSE files: copyright now reads 'Mahipal' - Add implementing-security-monitoring-with-datadog (new skill with full anatomy) - All 649 skills now have: SKILL.md, LICENSE, scripts/agent.py, references/api-reference.md
1.6 KiB
1.6 KiB
API Reference: Implementing Disk Encryption with BitLocker
manage-bde CLI
# Check status
manage-bde -status C:
# Enable BitLocker with TPM
manage-bde -on C: -RecoveryPassword -EncryptionMethod AES256
# Backup recovery key to AD
manage-bde -protectors -adbackup C: -ID {protector-id}
# Lock/unlock
manage-bde -lock D:
manage-bde -unlock D: -RecoveryPassword 123456-...
PowerShell BitLocker Cmdlets
# Get BitLocker volume
Get-BitLockerVolume -MountPoint "C:"
# Enable with TPM + PIN
Enable-BitLocker -MountPoint "C:" -EncryptionMethod Aes256 `
-TpmAndPinProtector -Pin (ConvertTo-SecureString "1234" -AsPlainText -Force)
# Add recovery password
Add-BitLockerKeyProtector -MountPoint "C:" -RecoveryPasswordProtector
# Backup to AD
Backup-BitLockerKeyProtector -MountPoint "C:" -KeyProtectorId $id
Compliance Checks
| Check | Severity | Requirement |
|---|---|---|
| BitLocker enabled | CRITICAL | All OS drives |
| AES-256 encryption | MEDIUM | FIPS/enterprise |
| TPM protector | HIGH | Hardware-backed |
| Recovery key escrowed | HIGH | AD DS or Azure AD |
| Full disk encrypted | MEDIUM | Not used-space only |
Microsoft Graph API (Intune)
import requests
headers = {"Authorization": "Bearer <token>"}
resp = requests.get(
"https://graph.microsoft.com/v1.0/deviceManagement/managedDevices"
"?$select=deviceName,isEncrypted",
headers=headers)