4. Security & Compliance

Configures security headers (CSP, HSTS), CORS, and CSRF protection for affolterNET.Web.Bff using IConfigurableOptions pattern.

Configures JWT Bearer authentication with Keycloak for token validation and secure API access in affolterNET.Web.Api.

Conducts security audits, vulnerability scanning, and secrets detection to ensure comprehensive application security.

Provides a guide for identifying code vulnerabilities, implementing security best practices, conducting security code reviews, and resolving security issues.

Provides encrypted storage and secure access management for user credentials and sensitive account information.

Automatically audits code for security risks in vibe-coded projects, triggering on security-sensitive files and risky patterns.

Provides a comprehensive guide for implementing Fullstory's User Consent API to ensure GDPR/CCPA compliance in web applications, including consent flows and privacy-conscious recording.

Verifies telemetry spans for compliance with FPF Discipline-Health (G.12) standards in distributed tracing systems.

Strategic framework for Fullstory data privacy decisions, covering regulatory compliance (GDPR, HIPAA, CCPA) and data handling techniques (masking, hashing, exclusion).

Guides implementation of Fullstory's privacy controls (fs-exclude, fs-mask) to protect user data and ensure compliance with privacy regulations.

Writes immutable evidence artifacts to the FPF EvidenceGraph, ensuring data integrity for security and compliance purposes.

Verifies execution traces for compliance with the FPF Behavioral Specification.

Teaches implementation of Fullstory's user anonymization API for privacy compliance, including logout handling and session management in web applications.

Automates MISRA-to-FLS outlier review by analyzing content relevance and recording findings for compliance verification.

Dashlane provides secure password management with dark web monitoring and integrated VPN to protect credentials and online privacy.

Provides security patterns to avoid common pitfalls in session keys, caching sensitive data, logging, and environment variables during implementation.

Scans repositories for privacy/security risks including PII, company terms, and secrets before public release, guiding remediation.

Reviews OAuth 2.1 and OIDC Core Token Endpoint test cases for compliance with security specifications and authentication requirements.

Reviews OAuth 2.1 PKCE test cases for compliance with code_challenge, code_verifier, and S256 requirements per specified sections.

Audits project dependencies for security vulnerabilities, enforces remediation, and ensures supply chain security during package management tasks.

Audits codebases for security vulnerabilities, technical debt, and code quality to ensure robust and compliant software.

Reviews test cases for UserInfo Endpoint security compliance with OIDC Core 1.0, validating token handling, claims, and response signatures.

Provides a compliance checklist for OAuth 2.1 authorization servers, verifying specific features and differences from OAuth 2.0.

Reviews OAuth 2.0 Authorization Endpoint test cases for OIDC Core 1.0 compliance, validating parameters and response handling.