4. Security & Compliance

AI-powered content moderation for LLM outputs, filtering six safety categories with high accuracy. Integrates with deployment platforms and guardrails.

Automates detection of bugs, security flaws, and code quality issues in current branch changes during code review.

Manages regulatory documentation control, change management, and compliance verification for quality assurance in regulated industries.

Provides expert guidance on EU MDR 2017/745 compliance for medical devices, including gap analysis, technical documentation, and regulatory interpretation.

Expert FDA regulatory consulting for medical device companies, covering QSR compliance, HIPAA evaluations, cybersecurity guidance, and submission strategy.

Provides expert guidance for ISO 13485 quality management system audits, including planning, execution, nonconformity identification, and corrective action verification.

Provides expert GDPR/DSGVO compliance assessments, privacy impact evaluations, and data protection auditing for regulatory verification.

Specializes in implementing privacy controls, conducting data protection impact assessments, and ensuring compliance with GDPR, CCPA, HIPAA, and international data laws.

Audits websites for WCAG 2.1 AA/AAA compliance, ARIA implementation, and ADA accessibility standards.

Provides comprehensive security operations for application security, vulnerability management, compliance, and secure development practices through scanning, assessment, and automation.

Specializes in ISO 27001/27002 implementation, ISMS design, risk assessment, and compliance for HealthTech and MedTech security programs.

Provides security checklist and patterns for secure implementation of authentication, input handling, secrets management, and sensitive features.

Manages Prowler compliance frameworks for standards including CIS, NIST, and GDPR.

Generates Prowler security checks for cloud providers (AWS, Azure, GCP, K8s, GitHub) following SDK patterns for consistent security assessments.

Automates review of pull requests containing compliance framework changes (CIS, NIST, PCI-DSS) and compliance JSON files.

Overhauls security architecture for claude-flow v3, addressing critical CVEs and implementing secure-by-default patterns.

Standardized guidelines for creating red team plugins and graders, including best practices for attack templates and plugin architecture.

Toolkit for preparing ISO 13485 certification documentation, including gap analysis, Quality Manuals, procedures, and Medical Device Files for medical device QMS.

Manages secrets securely via 1Password CLI, including installation, sign-in, and secret injection for development workflows.

Captures still frames or video clips from RTSP/ONVIF-compatible security cameras for real-time monitoring and analysis.

Provides a guide for implementing Role-Based Access Control (RBAC) permissions within the Epic Stack framework.

Provides a guide to implementing critical security practices including Content Security Policy, rate limiting, and session security for the Epic Stack framework.

Comprehensive guide to implementing authentication, sessions, OAuth, 2FA, and passkeys for the Epic Stack framework.

Conducts security reconnaissance for bug bounty programs and attack surface analysis, identifying potential vulnerabilities in target systems.