4. Security & Compliance

Conducts security audits, identifies vulnerabilities, and enforces security best practices for system protection.

Conducts security audits, identifies vulnerabilities, and enforces security best practices to enhance system security posture.

Enforces anti-cheating protocols and defines security rules for virtual currency systems to prevent fraud and ensure transaction integrity.

Configures and manages access permissions and settings for the Claude Code tool to ensure secure usage.

Provides automated security checks, vulnerability scanning, and compliance monitoring to guide development workflows with security best practices.

Guides architects in designing RBAC systems for permissions, workspaces, and role hierarchies, ensuring security and multi-tenant isolation.

Automatically redacts personally identifiable information (PII) from logs and outputs to ensure compliance with data protection regulations.

Teaches secure password handling using bcrypt/argon2, emphasizing never storing plaintext passwords and avoiding third-party credentials in authentication systems.

Provides security review guidance for authentication and authorization code, covering JWT, OAuth 2.0, and critical vulnerability checks.

Prevents XSS and injection attacks by sanitizing and validating user input in TypeScript applications.

Teaches secure Data Access Layer pattern to prevent authentication bypass vulnerabilities in middleware and server actions requiring authentication.

Automates detection of security vulnerabilities in JavaScript/TypeScript code through scan commands and severity mapping.

Automates regulated healthcare content generation with LGPD compliance, claims identification, and SEO optimization for medical systems.

Automates security for AI/LLM applications including prompt injection detection, PII redaction, and content moderation.

Prevents SQL injection vulnerabilities by enforcing safe $queryRaw tagged templates over unsafe raw query methods in database operations.

Audits and updates npm dependencies in TypeScript projects to prevent security vulnerabilities.

Teaches secure authentication patterns for Next.js 16 server actions, form handlers, and mutations.

Provides PwC audit staff with expertise in audit ground truth extraction, Critical Audit Matters (CAMs), ICFR validation, and PCAOB/SEC compliance analysis.

Scans projects for vulnerable dependencies, enforces security policies, checks licenses, and provides upgrade recommendations to maintain security and compliance.

Validates WCAG 2.1 compliance, screen reader compatibility, and Universal Design for Learning principles in educational curriculum materials.

Aligns training programs with regulatory standards including OSHA, HIPAA, and GDPR to verify coverage and identify compliance gaps for mandated training.

Ensures educational platforms and content comply with data privacy regulations including COPPA, FERPA, and GDPR.

Validates web accessibility against global standards including WCAG, EN 301 549, and Section 508, ensuring compliance for diverse regions and assistive technologies.

Defines security guidelines for secure development, covering secret management, input validation, dependency control, and XSS/SQL injection prevention.