implementing-browser-isolation-for-zero-trust

Featured

Deploys remote browser isolation (RBI) as a core component of a Zero Trust architecture. Implements isolation policies with URL categorization and risk-based routing, content disarming and reconstruction (CDR) for file sanitization, data loss prevention controls within isolated sessions, and integration with Secure Web Gateway and ZTNA platforms. Based on Cloudflare Browser Isolation, Menlo Security, and Zscaler RBI approaches. Use when hardening web access against zero-day exploits, phishing, credential theft, and browser-based data exfiltration.

AI & Automation 15,448 stars 1852 forks Updated 1 weeks ago Apache-2.0

Install

View on GitHub

Quality Score: 97/100

Stars 20%
100
Recency 20%
90
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Implementing Browser Isolation for Zero Trust ## When to Use - When deploying remote browser isolation as part of a Zero Trust security architecture - When protecting users from zero-day browser exploits and drive-by downloads - When implementing content disarming and reconstruction for file downloads - When enforcing data loss prevention policies for web browsing sessions - When securing access to untrusted or uncategorized websites - When integrating browser isolation with existing SWG and ZTNA infrastructure - When protecting against phishing and credential theft via isolated rendering ## Prerequisites - Familiarity with Zero Trust architecture principles and network security - Understanding of Secure Web Gateway (SWG) and proxy deployment models - Access to a test or lab environment for policy validation - Python 3.8+ with required dependencies installed - DNS and proxy infrastructure for traffic routing ## Instructions ### Phase 1: URL Categorization and Risk Classification Build a URL categorization engine that classifies websites by risk level to determine isolation policy. URLs are scored based on threat intelligence feeds, domain reputation, content category, and historical risk indicators. ```python from agent import BrowserIsolationPolicyEngine engine = BrowserIsolationPolicyEngine( organization="Acme Corp", default_isolation_mode="isolate_risky", ) # Classify a URL and determine isolation action result = engine.classify_url("https://docs.google...

Details

Author
mukul975
Repository
mukul975/Anthropic-Cybersecurity-Skills
Created
3 months ago
Last Updated
1 weeks ago
Language
Python
License
Apache-2.0

Integrates with

Cloudflare · Cloud

Similar Skills

Semantically similar based on skill content — not just same category

DevOps & Infrastructure Featured

implementing-zero-trust-in-cloud

This skill guides organizations through implementing zero trust architecture in cloud environments following NIST SP 800-207 and Google BeyondCorp principles. It covers identity-centric access controls, micro-segmentation, continuous verification, device trust assessment, and deploying Identity-Aware Proxy to eliminate implicit network trust in AWS, Azure, and GCP environments.

15,448 Updated 1 weeks ago
mukul975
AI & Automation Featured

implementing-zero-trust-network-access-with-zscaler

Implement Zero Trust Network Access using Zscaler Private Access (ZPA) to replace traditional VPN with identity-based, context-aware access to private applications through the Zscaler Zero Trust Exchange.

15,448 Updated 1 weeks ago
mukul975
AI & Automation Featured

configuring-microsegmentation-for-zero-trust

Configure microsegmentation policies to enforce least-privilege workload-to-workload access using tools like VMware NSX, Illumio, and Calico, preventing lateral movement in zero trust architectures.

15,448 Updated 1 weeks ago
mukul975