Security Scanning

Perform comprehensive security scanning across your entire stack including applications, infrastructure, containers, dependencies, and cloud environments. This skill integrates LLM-based security analysis with industry-standard tools to identify vulnerabilities, misconfigurations, and security weaknesses.

When to use me

Use this skill when:

You need a complete security assessment of your application and infrastructure
You want to integrate multiple security scanning tools into a unified workflow
You need LLM-powered analysis to identify complex security issues
You're preparing for security audits or compliance certifications
You want to establish baseline security scanning in CI/CD pipelines
You need to scan across multiple environments (cloud, containers, infrastructure)

What I do

LLM-based security analysis: Use AI to identify complex security patterns, business logic flaws, and novel vulnerabilities
Integrated tool ecosystem: Orchestrate OWASP ZAP, Snyk, Trivy, Nessus, and other security scanners
Multi-layer scanning: Application (SAST/DAST), infrastructure (IaC scanning), containers, dependencies, cloud configurations
Vulnerability correlation: Correlate findings across different scanning tools to prioritize critical issues
Compliance mapping: Map vulnerabilities to compliance frameworks (SOC 2, ISO 27001, HIPAA, GDPR)
Remediation guidance: Provide specific, actionable remediation steps for each finding
Risk scoring: Calculate risk scores based on CVSS, exploit availability, and business impact

Examples

bash

# Run comprehensive security scan
./scripts/security-scan.sh --target https://app.example.com

# Scan Docker containers
./scripts/security-scan.sh --container myapp:latest

# Scan infrastructure as code
./scripts/security-scan.sh --iac terraform/

# Generate compliance report
./scripts/security-scan.sh --compliance soc2

# LLM-powered security analysis
./scripts/security-scan.sh --llm-analysis --context "Payment processing system"

Output format

Security Scan Report
─────────────────────────────────────
Scan Date: 2025-01-15T10:30:00Z
Target: https://app.example.com
Scan Duration: 2m 45s

CRITICAL FINDINGS (3):
────────────────────────
❌ SQL Injection in /api/users endpoint
   Risk: Critical (CVSS 9.8)
   Detection: OWASP ZAP + LLM analysis
   Remediation: Use parameterized queries, implement input validation
   Compliance Impact: PCI DSS 6.5.1, OWASP A1

❌ Hard-coded AWS credentials in config file
   Risk: Critical (CVSS 8.9)
   Detection: TruffleHog + LLM pattern matching
   Remediation: Move to AWS Secrets Manager, rotate credentials
   Compliance Impact: SOC 2 CC6.1, ISO 27001 A.9.4.1

❌ Unpatched vulnerability in nginx:1.18 (CVE-2021-23017)
   Risk: Critical (CVSS 9.1)
   Detection: Trivy container scan
   Remediation: Upgrade to nginx 1.20+, apply security patches
   Compliance Impact: PCI DSS 6.2, ISO 27001 A.12.6.1

HIGH FINDINGS (8):
───────────────────
⚠️ Missing Content Security Policy header
⚠️ Excessive permissions in IAM role (AdminAccess)
⚠️ Outdated OpenSSL library (CVE-2022-2068)
⚠️ Docker container running as root
⚠️ API endpoint without rate limiting
⚠️ Sensitive data in application logs
⚠️ Missing MFA for administrative access
⚠️ Unencrypted S3 bucket

MEDIUM/LOW FINDINGS (14):
──────────────────────────
ℹ️ Security headers missing (X-Frame-Options, X-Content-Type-Options)
ℹ️ Verbose error messages revealing system information
ℹ️ Session timeout too long (24 hours)
ℹ️ Cross-site request forgery (CSRF) protection missing

LLM SECURITY ANALYSIS:
──────────────────────
🔍 Business Logic Vulnerabilities:
   • Payment amount manipulation possible in checkout flow
   • Privilege escalation via IDOR in admin panel
   • Race condition in inventory reservation system

🔍 Architectural Security Issues:
   • Monolithic architecture increases attack surface
   • Lack of network segmentation between tiers
   • Insufficient logging for security events

🔍 Compliance Gaps:
   • Missing data retention policy implementation
   • Inadequate incident response procedures
   • Insufficient employee security training documentation

SUMMARY:
────────
Total Findings: 25
Critical: 3 | High: 8 | Medium: 9 | Low: 5
Risk Score: 78/100 (High Risk)
Compliance Status: 65% compliant with SOC 2

RECOMMENDATIONS:
────────────────
1. IMMEDIATE ACTION: Fix 3 critical vulnerabilities within 24 hours
2. PRIORITY: Address 8 high-risk issues within 7 days
3. IMPROVEMENTS: Implement security controls for medium/low issues
4. ARCHITECTURAL: Consider microservices segmentation, zero-trust network
5. PROCESS: Establish security training program, incident response plan

Notes

Integrates with existing CI/CD pipelines and security tools
LLM analysis requires careful validation to avoid false positives
Different scanning tools may have different licensing requirements
Some scanners require authentication tokens or API keys
Always validate findings before taking remediation actions
Consider running scans during off-peak hours to minimize performance impact
Regular scanning (daily/weekly) recommended for production systems
Keep scanning tools updated to detect latest vulnerabilities

security-scan

NPX Install

Tags

SKILL.md Content