Initial commit
This commit is contained in:
Zhongwei Li
72
agents/security.architect/README.md
Normal file
72
agents/security.architect/README.md
Normal file
@@ -0,0 +1,72 @@
|
||||
# Security.Architect Agent
|
||||
|
||||
## Purpose
|
||||
|
||||
Create comprehensive security architecture and assessment artifacts including threat models, security architecture diagrams, penetration testing reports, vulnerability management plans, and incident response plans. Applies security frameworks (STRIDE, NIST, ISO 27001, OWASP) and creates artifacts ready for security review and compliance audit.
|
||||
|
||||
## Skills
|
||||
|
||||
This agent uses the following skills:
|
||||
|
||||
|
||||
## Artifact Flow
|
||||
|
||||
### Consumes
|
||||
|
||||
- `System or application description`
|
||||
- `Architecture components and data flows`
|
||||
- `Security requirements or compliance needs`
|
||||
- `Assets and data classification`
|
||||
- `Existing security controls`
|
||||
- `Threat intelligence or vulnerability data`
|
||||
|
||||
### Produces
|
||||
|
||||
- `threat-model: STRIDE-based threat model with attack vectors, risk scoring, and security controls`
|
||||
- `security-architecture-diagram: Security architecture with trust boundaries, security zones, and control points`
|
||||
- `penetration-testing-report: Penetration test findings with CVSS scores and remediation recommendations`
|
||||
- `vulnerability-management-plan: Vulnerability management program with policies and procedures`
|
||||
- `incident-response-plan: Incident response playbook with roles, procedures, and escalation`
|
||||
- `security-assessment: Security posture assessment against frameworks`
|
||||
- `zero-trust-design: Zero trust architecture design with identity, device, and data controls`
|
||||
- `compliance-matrix: Compliance mapping to regulatory requirements`
|
||||
|
||||
## Example Use Cases
|
||||
|
||||
- System description with components (API gateway, tokenization service, payment processor)
|
||||
- Trust boundaries (external, DMZ, internal)
|
||||
- Asset inventory (credit card data, transaction records)
|
||||
- STRIDE threat catalog with 15-20 threats
|
||||
- Security controls mapped to each threat
|
||||
- Residual risk assessment
|
||||
- PCI-DSS compliance mapping
|
||||
- Network segmentation and security zones
|
||||
- Identity and access management (IAM) controls
|
||||
- Data encryption (at rest and in transit)
|
||||
- Tenant isolation mechanisms
|
||||
- Logging and monitoring infrastructure
|
||||
- Compliance controls for SOC 2
|
||||
- Incident classification and severity levels
|
||||
- Response team roles and responsibilities
|
||||
- Incident response procedures by type
|
||||
- Communication and escalation protocols
|
||||
- Forensics and evidence collection
|
||||
- Post-incident review process
|
||||
|
||||
## Usage
|
||||
|
||||
```bash
|
||||
# Activate the agent
|
||||
/agent security.architect
|
||||
|
||||
# Or invoke directly
|
||||
betty agent run security.architect --input <path>
|
||||
```
|
||||
|
||||
## Created By
|
||||
|
||||
This agent was created by **meta.agent**, the meta-agent for creating agents.
|
||||
|
||||
---
|
||||
|
||||
*Part of the Betty Framework*
|
||||
65
agents/security.architect/agent.yaml
Normal file
65
agents/security.architect/agent.yaml
Normal file
@@ -0,0 +1,65 @@
|
||||
name: security.architect
|
||||
version: 0.1.0
|
||||
description: Create comprehensive security architecture and assessment artifacts including
|
||||
threat models, security architecture diagrams, penetration testing reports, vulnerability
|
||||
management plans, and incident response plans. Applies security frameworks (STRIDE,
|
||||
NIST, ISO 27001, OWASP) and creates artifacts ready for security review and compliance
|
||||
audit.
|
||||
status: draft
|
||||
reasoning_mode: iterative
|
||||
capabilities:
|
||||
- Perform structured threat modeling and control gap assessments
|
||||
- Produce security architecture and testing documentation for reviews
|
||||
- Recommend remediation and governance improvements for security programs
|
||||
skills_available:
|
||||
- artifact.create
|
||||
- artifact.validate
|
||||
- artifact.review
|
||||
permissions:
|
||||
- filesystem:read
|
||||
- filesystem:write
|
||||
artifact_metadata:
|
||||
consumes:
|
||||
- type: System or application description
|
||||
description: Input artifact of type System or application description
|
||||
- type: Architecture components and data flows
|
||||
description: Input artifact of type Architecture components and data flows
|
||||
- type: Security requirements or compliance needs
|
||||
description: Input artifact of type Security requirements or compliance needs
|
||||
- type: Assets and data classification
|
||||
description: Input artifact of type Assets and data classification
|
||||
- type: Existing security controls
|
||||
description: Input artifact of type Existing security controls
|
||||
- type: Threat intelligence or vulnerability data
|
||||
description: Input artifact of type Threat intelligence or vulnerability data
|
||||
produces:
|
||||
- type: 'threat-model: STRIDE-based threat model with attack vectors, risk scoring,
|
||||
and security controls'
|
||||
description: 'Output artifact of type threat-model: STRIDE-based threat model
|
||||
with attack vectors, risk scoring, and security controls'
|
||||
- type: 'security-architecture-diagram: Security architecture with trust boundaries,
|
||||
security zones, and control points'
|
||||
description: 'Output artifact of type security-architecture-diagram: Security
|
||||
architecture with trust boundaries, security zones, and control points'
|
||||
- type: 'penetration-testing-report: Penetration test findings with CVSS scores
|
||||
and remediation recommendations'
|
||||
description: 'Output artifact of type penetration-testing-report: Penetration
|
||||
test findings with CVSS scores and remediation recommendations'
|
||||
- type: 'vulnerability-management-plan: Vulnerability management program with policies
|
||||
and procedures'
|
||||
description: 'Output artifact of type vulnerability-management-plan: Vulnerability
|
||||
management program with policies and procedures'
|
||||
- type: 'incident-response-plan: Incident response playbook with roles, procedures,
|
||||
and escalation'
|
||||
description: 'Output artifact of type incident-response-plan: Incident response
|
||||
playbook with roles, procedures, and escalation'
|
||||
- type: 'security-assessment: Security posture assessment against frameworks'
|
||||
description: 'Output artifact of type security-assessment: Security posture assessment
|
||||
against frameworks'
|
||||
- type: 'zero-trust-design: Zero trust architecture design with identity, device,
|
||||
and data controls'
|
||||
description: 'Output artifact of type zero-trust-design: Zero trust architecture
|
||||
design with identity, device, and data controls'
|
||||
- type: 'compliance-matrix: Compliance mapping to regulatory requirements'
|
||||
description: 'Output artifact of type compliance-matrix: Compliance mapping to
|
||||
regulatory requirements'
|
||||
Reference in New Issue
Block a user