senior-secops

Main Capabilities

This skill provides three core capabilities through automated scripts:

```bash

# Script 1: Security Scanner

python scripts/security_scanner.py [options]

# Script 2: Vulnerability Assessor

python scripts/vulnerability_assessor.py [options]

# Script 3: Compliance Checker

python scripts/compliance_checker.py [options]

```

1. Security Scanner

Automated tool for security scanner tasks.

Features:

• Automated scaffolding
• Best practices built-in
• Configurable templates
• Quality checks

Usage:

```bash

python scripts/security_scanner.py [options]

```

2. Vulnerability Assessor

Comprehensive analysis and optimization tool.

Features:

• Deep analysis
• Performance metrics
• Recommendations
• Automated fixes

Usage:

```bash

python scripts/vulnerability_assessor.py [--verbose]

```

3. Compliance Checker

Advanced tooling for specialized tasks.

Features:

• Expert-level automation
• Custom configurations
• Integration ready
• Production-grade output

Usage:

```bash

python scripts/compliance_checker.py [arguments] [options]

```

Security Standards

Comprehensive guide available in references/security_standards.md:

• Detailed patterns and practices
• Code examples
• Best practices
• Anti-patterns to avoid
• Real-world scenarios

Vulnerability Management Guide

Complete workflow documentation in references/vulnerability_management_guide.md:

• Step-by-step processes
• Optimization strategies
• Tool integrations
• Performance tuning
• Troubleshooting guide

Compliance Requirements

Technical reference guide in references/compliance_requirements.md:

• Technology stack details
• Configuration examples
• Integration patterns
• Security considerations
• Scalability guidelines

Languages: TypeScript, JavaScript, Python, Go, Swift, Kotlin

Frontend: React, Next.js, React Native, Flutter

Backend: Node.js, Express, GraphQL, REST APIs

Database: PostgreSQL, Prisma, NeonDB, Supabase

DevOps: Docker, Kubernetes, Terraform, GitHub Actions, CircleCI

Cloud: AWS, GCP, Azure

1. Setup and Configuration

```bash

# Install dependencies

npm install

# or

pip install -r requirements.txt

# Configure environment

cp .env.example .env

```

2. Run Quality Checks

```bash

# Use the analyzer script

python scripts/vulnerability_assessor.py .

# Review recommendations

# Apply fixes

```

3. Implement Best Practices

Follow the patterns and practices documented in:

• references/security_standards.md
• references/vulnerability_management_guide.md
• references/compliance_requirements.md

Code Quality

• Follow established patterns
• Write comprehensive tests
• Document decisions
• Review regularly

Performance

• Measure before optimizing
• Use appropriate caching
• Optimize critical paths
• Monitor in production

Security

• Validate all inputs
• Use parameterized queries
• Implement proper authentication
• Keep dependencies updated

Maintainability

• Write clear code
• Use consistent naming
• Add helpful comments
• Keep it simple

```bash

# Development

npm run dev

npm run build

npm run test

npm run lint

# Analysis

python scripts/vulnerability_assessor.py .

python scripts/compliance_checker.py --analyze

# Deployment

docker build -t app:latest .

docker-compose up -d

kubectl apply -f k8s/

```

Common Issues

Check the comprehensive troubleshooting section in references/compliance_requirements.md.

Getting Help

• Review reference documentation
• Check script output messages
• Consult tech stack documentation
• Review error logs

• Pattern Reference: references/security_standards.md
• Workflow Guide: references/vulnerability_management_guide.md
• Technical Guide: references/compliance_requirements.md
• Tool Scripts: scripts/ directory