security-scanning-security-hardening
Coordinate Security Scanning and Hardening
Orchestrate comprehensive security scanning, vulnerability remediation, and defense-in-depth hardening across your application, infrastructure, and compliance controls with automated DevSecOps workflows.
Download the skill ZIP
Upload it in Claude
Go to Settings → Capabilities → Skills → Upload skill
Turn it on and start using it
Test it
Using "security-scanning-security-hardening". Perform security hardening on my API service
Expected result:
Security hardening plan: Phase 1 - Vulnerability scanning completed. Found 3 critical SQL injection vulnerabilities. Phase 2 - Applied parameterized queries fix. Phase 3 - Implemented OAuth2 authentication, rate limiting, and AES-256 encryption. Phase 4 - Validated against OWASP Top 10, zero findings remaining.
Using "security-scanning-security-hardening". Help me prepare for SOC2 compliance
Expected result:
SOC2 compliance preparation: Implemented access controls with MFA, encrypted data at rest with AES-256 and in transit with TLS 1.3, configured security monitoring with ELK stack, established incident response procedures. Gap analysis shows 85% compliance readiness.
Security audit
Safe: All 11 static findings evaluated as false positives. The skill is a legitimate defensive security orchestration tool for DevSecOps workflows. References to Metasploit, CIS Benchmarks, AES-256, and mobile security terms are all standard security industry practices. No malicious intent detected.
High-risk issues (5)
Low-risk issues (1)
What you can build
DevSecOps Security Automation
Integrate automated security scanning and hardening into CI/CD pipelines to catch vulnerabilities early and maintain continuous security posture.
Application Security Hardening
Apply comprehensive security controls to applications including input validation, encryption, authentication hardening, and secure configuration.
Compliance Preparation
Prepare for security compliance audits by implementing controls and generating documentation for OWASP, SOC2, CIS, and other frameworks.
Try these prompts
Use the security-scanning-security-hardening skill to perform a quick vulnerability scan on my application. Focus on identifying critical issues and provide a prioritized remediation list.
Use the security-scanning-security-hardening skill to implement comprehensive security hardening for my application. Include vulnerability assessment, backend security controls, frontend security measures, and compliance validation.
Use the security-scanning-security-hardening skill to validate my application against OWASP ASVS Level 2 and CIS Benchmarks. Generate a compliance gap analysis and remediation plan.
Use the security-scanning-security-hardening skill to establish security monitoring and SIEM integration for my infrastructure. Configure automated incident response playbooks for critical security events.
Best practices
- Run security assessments in non-production environments before applying changes to production
- Always maintain rollback plans when implementing security hardening changes
- Prioritize remediation based on CVSS scores and business impact, not just automated findings
Avoid
- Do not skip authorization checks - always verify you have permission before running security scans
- Do not apply security changes without testing in a staging environment first
- Do not rely solely on automated scanning - combine with manual security review for critical systems