Total 30,768 skills, Security & Compliance has 1089 skills
Showing 12 of 1089 skills
Professional Skills and Methodologies for Container Security Testing
test.
Golang Security Auditor
Contract review, redlining, and negotiation support with clause analysis, risk identification, and markup templates. Use when reviewing contracts, identifying unfavorable terms, suggesting amendments, or preparing negotiation positions.
Review contracts against your organization's negotiation playbook, flagging deviations and generating redline suggestions. Use when reviewing vendor contracts, customer agreements, or any commercial agreement where you need clause-by-clause analysis against standard positions.
Smart contract and secure API contract security analysis — invariant checking, access control, reentrancy, and integer overflow patterns. Implements Checks-Effects-Interactions pattern, formal invariant verification, and OpenSCV vulnerability taxonomy for Solidity/EVM and Rust/Solana contracts.
Cryptography expert for TLS, symmetric/asymmetric encryption, hashing, and key management
Use when testing a web application for security vulnerabilities, before deployment or during security review — guides through a structured 10-phase penetration testing methodology covering mapping, authentication, session management, access controls, injection, logic flaws, and server configuration.
Advise startup founders on choosing the best jurisdiction and legal entity for their business. Triggers when users ask about where to incorporate, which state/country to register a company, choosing between Delaware vs other states, offshore vs US incorporation, entity types (C-Corp, LLC, PBC), or jurisdiction selection for specific industries (crypto, AI, SaaS, GameDev, solopreneurs). Also triggers for questions about startup formation, company registration, or corporate structure decisions.
Java and Spring Boot security patterns. Covers Spring Security, dependency auditing, secure coding practices, and OWASP for Java ecosystem. USE WHEN: user works with "Java", "Spring Boot", "Spring Security", asks about "Java vulnerabilities", "Maven security", "Gradle security", "Java injection", "Java authentication" DO NOT USE FOR: general OWASP concepts - use `owasp` or `owasp-top-10` instead, Node.js/Python security - use language-specific skills
Universal security checklist and fixes for ANY project type or language
Apply CIS benchmarks and secure Linux servers. Configure SSH, manage users, implement firewall rules, and enable security features. Use when hardening Linux systems for production or meeting security compliance requirements.