Vulnerability Management Program
Build a vulnerability management program with discovery, triage, remediation SLAs, risk scoring, and continuous monitoring across all assets.
Secure SDLC Implementation
Implement a Secure Software Development Lifecycle with threat modeling, security requirements, code review, and security testing gates.
DAST Implementation
Implement Dynamic Application Security Testing with automated scanning, authenticated crawling, and integration into CI/CD pipelines.
SAST Integration
Integrate Static Application Security Testing into the development workflow with CI gates, IDE plugins, and finding management processes.
Secret Detection Pipeline
Build a secret detection pipeline using pre-commit hooks, CI scanning, and repository monitoring to prevent secret leakage in code.
Secret Rotation Automation
Automate secret rotation for database credentials, API keys, certificates, and tokens with zero-downtime rotation procedures.
Secrets Management Architecture
Design a secrets management architecture using Vault, AWS Secrets Manager, or equivalent for centralized secret storage and distribution.
Third-Party Integration Security
Secure third-party integrations with vendor assessment, API key management, data sharing controls, and ongoing monitoring.
Code & Artifact Signing
Implement code and artifact signing for release integrity using Sigstore, GPG, or platform-native signing with verification workflows.
Container Image Supply Chain
Secure the container image supply chain with trusted base images, scanning, signing, and admission control for image provenance.
CI/CD Pipeline Security
Secure CI/CD pipelines against supply chain attacks with secret management, build integrity, artifact signing, and pipeline hardening.
SBOM Generation & Management
Implement Software Bill of Materials generation, management, and consumption for supply chain transparency and vulnerability tracking.
Dependency Security Management
Manage dependency security with vulnerability scanning, update policies, license compliance, and supply chain attack prevention.
Zero Trust Architecture
Design a Zero Trust security architecture with identity-based access, micro-segmentation, continuous verification, and least-privilege enforcement.
Server & OS Hardening
Harden servers and operating systems with CIS benchmarks, patch management, access controls, and attack surface reduction.
Security Logging & SIEM
Design security logging and SIEM integration for threat detection, incident response, and compliance with structured event collection.
IAM Policy Design
Design cloud IAM policies with least-privilege access, role separation, cross-account patterns, and automated policy analysis.
Kubernetes Security Hardening
Harden Kubernetes clusters with pod security standards, RBAC, network policies, admission controllers, and runtime monitoring.
Container Security
Secure container workloads with image scanning, runtime protection, least-privilege configurations, and supply chain integrity controls.
Network Security Architecture
Design network security architecture with segmentation, firewall rules, VPC configuration, and micro-segmentation for defense in depth.
GraphQL Security
Secure GraphQL APIs against query complexity attacks, introspection abuse, injection, and excessive data exposure with depth and cost limits.
Webhook Security
Secure webhook implementations with signature verification, replay prevention, idempotency, and failure handling for reliable event delivery.
API Abuse Prevention
Implement API abuse prevention with rate limiting, throttling, bot detection, and cost-based controls to protect against automated attacks.
API Output Security
Secure API responses by preventing data leakage, implementing response filtering, and controlling error information exposure.