4. Security & Compliance

Comprehensive entry point for THOR security operations: running scans, analyzing logs, troubleshooting, and developing plugins and IOCs.

Creates and deploys custom IOCs, YARA rules, Sigma rules, and STIX indicators for THOR threat detection scans.

Generates precise THOR v10/v11 command lines for security scans on hosts, directories, images, and memory dumps across Windows, Linux, and macOS.

Analyzes THOR scan logs to interpret security findings and provide guidance on triaging Notices, Warnings, and Alerts.

Enables creation and deployment of custom plugins to extend THOR security scanner functionality for enhanced vulnerability detection.

Manages THOR security tool installations, including updates, version upgrades, offline pack downloads, report generation, and YARA-Forge management.

Systematically audits code for security vulnerabilities, performance issues, and maintainability, providing optimization recommendations.

Audits code for runtime safety and security vulnerabilities during code reviews, pre-commit checks, and security assessments.

Expert in identifying and mitigating security vulnerabilities using OWASP Top 10 standards during code audits and security reviews.

Scans container images, filesystems, and repositories for vulnerabilities, including CVE detection and severity analysis.

Enforces mandatory compliance with standard operational and regulatory guidelines for all agent interactions.

Provides secrets management, credential vaulting, and SSH key rotation for senhasegura PAM platform, enabling secure DevOps integration.

Reviews engineering guardrails for completeness, executability, consistency, and verifiability, providing pre-implementation compliance decisions.

Conducts WordPress security audits to identify vulnerabilities in code, themes, plugins, and security practices like XSS and SQL injection.

Guides implementation of web application security best practices, covering OWASP Top 10, secure coding, and vulnerability remediation.

Guides implementation of DefectDojo for vulnerability management, including API interactions with security scan data and CI/CD pipeline integrations.

Comprehensive guide for deploying, configuring, and integrating Dependency-Track for software composition analysis, vulnerability scanning, and SBOM management.

Detects error handling gaps including swallowed exceptions and inconsistent responses to enhance code security and reliability.

Automates security audits to identify hardcoded secrets, SSRF, injection points, and missing security headers.

Provides an index of vulnerability detection patterns for security scanning, including universal and language-specific patterns.

Provides universal patterns for detecting common security vulnerabilities like hardcoded secrets, SQL injection, and path traversal across all programming languages.

Provides secure fixes for cryptographic vulnerabilities: weak algorithms, insecure randomness, and TLS.

Centralized index routing to specialized security remediation skills for injection, cryptography, authentication, and configuration vulnerabilities.

Provides security fix patterns for configuration and deployment vulnerabilities including path traversal, debug mode, and security headers.