4. Security & Compliance

Provides guidance for implementing and reviewing GDPR-compliant features in Empathy Ledger to ensure regulatory data protection standards.

Enforces dependency security scanning and SBOM generation, covering OWASP Dependency Check and npm audit for supply chain security.

Configures mutual TLS (mTLS) for zero-trust service-to-service communication, ensuring certificate-based authentication and encryption.

Verifies security considerations are addressed before shipping, issuing warnings for unresolved issues requiring remediation.

Provides comprehensive knowledge on Linux privilege escalation techniques, including enumeration and exploitation of SUID, sudo, kernel, and misconfigurations to capture root flags.

Performs dynamic security testing on web applications and APIs using OWASP ZAP, detecting vulnerabilities and generating compliance reports.

Audits code for security vulnerabilities against OWASP Top 10, focusing on authentication, API routes, and sensitive data handling.

Automates code review against security compliance standards to ensure adherence to best practices and regulatory requirements.

Expertise in vulnerability exploitation, initial access, and common attack vectors including SQLi and RCE.

Scans Python code for security vulnerabilities including hardcoded secrets and injection flaws, with remediation guidance for CI/CD pipelines.

Conducts comprehensive security audits including static analysis, dependency vulnerability checks, secrets detection, and OWASP compliance verification.

Provides secure authentication and authorization implementation using @delon/auth, including JWT management, RBAC, route guards, and Firebase Auth integration.

Monitors Ubiquiti Protect surveillance systems, tracking camera status, reviewing recordings, and alerting on security events and system health.

Derives security requirements from threat models and business context to create actionable security user stories and test cases.

Designs security controls, implements authentication/authorization, conducts threat modeling, and ensures compliance with security frameworks.

Configures OAuth 2.1 and OIDC authentication with Better Auth, supporting SSO providers, Next.js clients, PKCE, and JWKS token verification.

Audits websites for WCAG 2.1 AA/AAA compliance, ADA adherence, and assistive technology compatibility using ARIA and semantic HTML.

Performs security linting on Dockerfiles against CIS benchmarks, detecting misconfigurations and hardcoded secrets to enforce secure container image builds.

Automates SQL injection vulnerability detection, exploitation, and data extraction for authorized web application security assessments.

Creates legally compliant employment contracts, offer letters, and HR policies following labor regulations.

Provides application security expertise for vulnerability detection, code auditing, and secure development practices covering OWASP Top 10, authentication, and cryptography.

Conducts automated and manual WCAG 2.2 accessibility audits with remediation guidance for website compliance.

Analyzes code repositories to recommend secure permissions settings for Claude Code, including read-only command allowances based on detected tech stack and project structure.

Comprehensive security vulnerability analysis for codebases, dependencies, containers, and IaC, with risk scoring and remediation plans.