4. Security & Compliance

Manages Prowler compliance frameworks for standards including CIS, NIST, and GDPR.

Generates Prowler security checks for cloud providers (AWS, Azure, GCP, K8s, GitHub) following SDK patterns for consistent security assessments.

Automates review of pull requests containing compliance framework changes (CIS, NIST, PCI-DSS) and compliance JSON files.

Overhauls security architecture for claude-flow v3, addressing critical CVEs and implementing secure-by-default patterns.

Standardized guidelines for creating red team plugins and graders, including best practices for attack templates and plugin architecture.

Toolkit for preparing ISO 13485 certification documentation, including gap analysis, Quality Manuals, procedures, and Medical Device Files for medical device QMS.

Tests for prompt injection vulnerabilities in AI applications to identify security weaknesses and prevent exploitation.

Aggregates security news, breach reports, and vulnerability updates from sources like tldrsec and no.security for timely threat intelligence.

Conducts security reconnaissance for bug bounty programs and attack surface analysis.

Conducts web security assessments including penetration testing and vulnerability scanning for web applications.

Aggregates and analyzes annual security, threat, and industry reports to provide actionable insights into the current threat landscape.

Provides adversarial analysis with 32 agents for red team exercises, including attack simulation, counterarguments, and security stress testing.

Manages secrets securely via 1Password CLI, including installation, sign-in, and secret injection for development workflows.

Captures still frames or video clips from RTSP/ONVIF-compatible security cameras for real-time monitoring and analysis.

Manages and troubleshoots API tokens and authentication secrets for NetAlertX, resolving 401/403 errors and ensuring secure access.

Provides a guide for implementing Role-Based Access Control (RBAC) permissions within the Epic Stack framework.

Provides a guide to implementing critical security practices including Content Security Policy, rate limiting, and session security for the Epic Stack framework.

Comprehensive guide to implementing authentication, sessions, OAuth, 2FA, and passkeys for the Epic Stack framework.

Conducts security reconnaissance for bug bounty programs and attack surface analysis, identifying potential vulnerabilities in target systems.

Provides adversarial analysis with 32 agents for red team exercises, including attack simulation, counterarguments, and stress testing.

Aggregates and analyzes annual security, threat, and industry reports to provide threat landscape insights and security analysis.

Provides security reconnaissance capabilities to identify vulnerabilities and attack surfaces, particularly for bug bounty programs and penetration testing.

Simulates adversarial attacks and security stress tests using 32 agents for red teaming and vulnerability assessment.

Manages system integrity, documents sessions, and performs security audits including secret and privacy scans for compliance.