4. Security & Compliance

Applies OWASP Mobile security standards to Flutter applications to prevent common mobile vulnerabilities.

Provides security best practices for React applications, covering XSS prevention, authentication implementation, and dependency vulnerability management.

Provides secure coding guidelines and practices for TypeScript to prevent common vulnerabilities and ensure application safety.

Provides universal security protocols to build safe and resilient software applications through standardized security practices.

Provides secure coding guidelines and best practices for TypeScript applications to prevent common security vulnerabilities.

Provides security features for NestJS applications including authentication, RBAC, and hardening standards.

Analyzes security detection coverage across Sigma, Splunk, and Elastic rules to assess threat coverage and generate MITRE Navigator layers.

Implements Kubernetes security patterns including RBAC, NetworkPolicies, secrets management, and compliance fundamentals.

Configures OAuth 2.1 and OIDC authentication with Better Auth MCP for centralized SSO, Next.js clients, and token management.

Diagnoses and resolves Bitcoin authentication token generation, verification, and integration issues with the bitcoin-auth library.

Provides authentication and authorization patterns including JWT, OAuth2, and RBAC for secure API and application access control.

Manages BAP identity files including creation, decryption, listing, extraction of backups, and handling .bep encrypted files for Bitcoin Attestation Protocol.

Enforces safe operational guidelines for Claude Code, ensuring terse responses, sequential execution, and preventing destructive actions without user confirmation.

Enforces production security in Kubernetes clusters using NetworkPolicy, PodSecurityPolicy, and RBAC implementations.

Enforces strict operational protocols for AI task execution, ensuring sequential processing, minimal responses, and preventing destructive actions without user confirmation.

Demonstrates code security auditing techniques to identify vulnerabilities in user-provided code.

Configures network isolation, trusted domains, and access policies for secure Claude Code sandbox environments with environment variable management.

Enforces multi-layer data validation to prevent failures from invalid data, making bugs structurally impossible through defense-in-depth security practices.

Automates configuration of Static Application Security Testing (SAST) tools to detect code vulnerabilities in development pipelines.

Provides tools for implementing PCI DSS compliance to secure payment card data handling and payment systems.

Provides expert guidance for web fuzzing with ffuf during penetration testing, including authenticated scans and result analysis.

Provides enterprise compliance architecture for SOC 2, HIPAA, GDPR, and PCI-DSS with checklists, security controls, and audit guidance for cloud and serverless systems.

Provides security best practices and patterns for writing and auditing Solidity smart contracts to prevent common vulnerabilities.

Expert guidance for GA4 privacy compliance including GDPR, CCPA, Consent Mode v2, data deletion, and consent configuration.