4. Security & Compliance

Comprehensive testing for broken authentication, session management, and credential stuffing vulnerabilities in web applications.

Comprehensive external network penetration testing for perimeter security assessment, attack surface enumeration, and OSINT-based reconnaissance.

Provides essential penetration testing commands for Nmap, Metasploit, SQLMap, and Hydra for network scanning, exploitation, and vulnerability assessment.

Enables querying and management of CVE and CWE vulnerability databases for security analysis and auditing.

Validates HIPAA compliance for genomic data handling and audit processes, ensuring regulatory adherence in healthcare data management.

Calculates multi-state and international tax liabilities with nexus analysis to ensure regulatory compliance.

Evaluates security vulnerabilities and privacy risks of MCP servers using GitHub URLs, providing risk scores and actionable recommendations.

Evaluates agent skills for security risks including prompt injection, malicious code, and data exfiltration, providing risk scores and actionable recommendations.

Provides secure account recovery guidance with identity verification and password reset guardrails to prevent unauthorized access.

Continuously monitors third-party vendor security ratings, breach notifications, and risk changes for proactive security management.

Migrates authentication systems with credential transfer, OAuth2/OIDC configuration, and identity provider integration.

Automates adverse event monitoring and reporting to ensure compliance with MDR and MEDWATCH regulatory requirements in medical device and pharmaceutical industries.

Automates verification of third-party dependency licenses to ensure legal compliance during software migration projects.

Conducts symbolic execution analysis on smart contracts to detect deep vulnerabilities, with configurable parameters and exploit generation.

Automates exploit development for security testing using the pwntools framework, supporting vulnerability assessment and ethical hacking workflows.

Provides secure coding training and vulnerability assessment to prevent security flaws in developer code.

Provides static analysis for Ethereum smart contracts to detect vulnerabilities and ensure security compliance.

Automates security scans for code vulnerabilities, dependencies, and secrets to identify and mitigate security risks.

Assists in planning and executing software certification activities according to DO-178C standards for aviation safety-critical systems.

Provides guidance and checks to ensure adherence to employment laws and regulations across multiple jurisdictions.

Assists in planning aerospace certification processes to meet industry regulatory standards and compliance requirements.

Calculates lifting risk using the NIOSH Lifting Equation to ensure compliance with occupational safety regulations.

Generates verification and validation test cases for medical device software to ensure regulatory compliance and safety standards.

Assists in developing and qualifying welding procedures according to AWS and ASME standards for engineering safety and quality compliance.