4. Security & Compliance

Provides tools for securing user accounts through MFA implementation, session management, and recovery processes.

Enables secure enterprise SSO integration with multiple identity providers using JWT RS256 token validation, session management, and permission mapping.

Audits Anthropic Cookbook notebooks against a rubric to ensure quality and compliance with established standards.

Generates enterprise cybersecurity policies from SANS, CIS, and NIST templates for ISO 27001, SOC 2, and NIST compliance in multiple formats.

Audits codebases, applications, and systems for GDPR compliance, identifying data protection risks and ensuring adherence to EU data protection regulations.

Generates incident response playbooks aligned with NIST SP 800-61r3 and CISA guidance, covering 11 scenarios with GDPR/HIPAA compliance considerations.

Advanced security scanner for Claude Code plugins, detecting vulnerabilities, code obfuscation, and security anti-patterns across manifests, agents, and scripts.

Transforms security scanner results into professional reports (HTML, PDF, DOCX) with false positive reduction and MITRE ATT&CK/OWASP integration.

Conducts security code reviews to identify vulnerabilities, assess security posture, and ensure compliance with security checklists.

Ensures adherence to regulatory frameworks including GDPR, HIPAA, PCI-DSS, and SOC2 through implementation of required controls and processes.

Reviews code for security vulnerabilities, implements security controls, and hardens applications against OWASP Top 10 threats.

Identifies and analyzes security threats during system design and architecture review using STRIDE methodology for comprehensive risk assessment.

Applies layered security architecture to design controls, harden systems, and review security posture across multiple layers.

Provides implementation utilities for identity and access management, including OAuth2, OIDC, and RBAC for secure authentication and authorization.

Conducts security audits to detect unsafe code patterns and exposed secrets in source code repositories.

Conducts comprehensive application audits to evaluate security compliance, code quality, and design standards, identifying critical issues and providing improvement scores.

Scans systems for data privacy vulnerabilities and sensitive data exposure to ensure regulatory compliance.

Scans application code and database queries to detect and analyze SQL injection vulnerabilities, ensuring secure input handling and query patterns.

Scans third-party dependencies for security vulnerabilities and outdated versions to ensure package safety during audits.

Analyzes HTTP security headers to identify vulnerabilities and misconfigurations in web applications.

Scans data handling practices for GDPR compliance, ensuring adherence to EU data protection regulations.

Validates CORS policies to identify security vulnerabilities and misconfigurations in web applications.

Executes penetration testing to identify security vulnerabilities in systems during security assessments.

Automates security vulnerability scans for OWASP Top 10, SQL injection, XSS, and CSRF to identify application weaknesses.