4. Security & Compliance

Prevents SQL injection attacks using parameterized queries, input validation, and secure database interaction techniques.

Provides input sanitization to prevent XSS attacks, handle encoding, validate inputs, and enforce security headers for web applications.

Provides a policy template for automated security scanning in CI/CD pipelines, covering dependency audits, SAST, and secret detection.

Performs automated accessibility audits using axe-core to validate compliance with web accessibility standards.

Guides implementation of data retention policies and GDPR/CCPA-compliant deletion workflows across distributed systems.

Assists in vulnerability discovery, report writing, responsible disclosure, and penetration testing for bug bounty programs.

Provides standardized templates and streamlines vendor assessment processes for enterprise security questionnaires.

Expert guidance on AWS S3 bucket policies, IAM configurations, cross-account access, and security best practices for secure object storage.

Provides a comprehensive guide to securely isolate AI agent code execution through resource limits, security boundaries, and safe tool usage.

Provides strategies for redacting PII and secrets in logs through automated filtering and secure logging practices.

Provides expert guidance for implementing ISO 27001 security controls and compliance within an Information Security Management System (ISMS).

Provides clear escalation procedures and paths for incident response to ensure timely security event management.

Provides a comprehensive guide for implementing enterprise Single Sign-On using SAML 2.0 and OpenID Connect protocols.

Creates rules for detecting API keys, tokens, and credentials in code to prevent accidental exposure and enhance security.

Tracks CVEs for vulnerability management, security advisories, and patch prioritization.

Generates compliance reports for SOX, GDPR, HIPAA, and SOC 2 audits, ensuring regulatory documentation meets industry standards.

Performs complete deletion of user accounts and all associated data from system configuration, ensuring regulatory compliance.

Generates structured audit logs for regulatory compliance, including log formatting and monitoring integration.

Automates verification of FTC disclosures, link tracking, and ethical practices in affiliate marketing content for regulatory compliance.

Guides security reviews for code, including vulnerability assessment, authentication/authorization checks, and secure data handling evaluation.

Conducts adversarial security reviews of API endpoints, UI flows, and database code, including threat modeling and vulnerability analysis for the specified stack.

Verifies security tokens and credentials to ensure secure access and compliance validation.

Provides security checklists and patterns for Rust applications handling authentication, user input, secrets, and sensitive features.

Provides security design guidance for threat mitigation, input validation, and secure execution within software design documents.