---
description: Perform comprehensive security scan and vulnerability assessment
argument-hint: [scan-type] [severity-level]
---

# Security Scan Command

Perform a comprehensive security scan and vulnerability assessment of the current project, with detailed reporting.
## Context
- Scan type: $1 (dependencies|code|infrastructure|all - default: all)
- Severity level: $2 (low|medium|high|critical - default: medium); the minimum severity a finding must have to be reported
- Current dependencies: @package.json
- Security configuration: @.securityrc
## Security Scan Process

### 1. Dependency Scanning
- Check every dependency (including transitive ones) against known-vulnerability databases
- Validate license compliance
- Identify outdated packages and available fixed versions
- Assess supply chain risks (unmaintained or recently transferred packages, install scripts, lookalike package names)
### 2. Code Analysis
- Static Application Security Testing (SAST)
- Secret detection and credential scanning (committed keys, tokens, private keys)
- Insecure code patterns and quality issues with security impact
- Check findings against the OWASP Top 10 categories
### 3. Infrastructure Security
- Configuration security validation
- Network security assessment
- Access control verification
- Compliance framework validation
### 4. Security Reporting
- Vulnerability assessment report
- Risk prioritization and scoring (order findings by severity, then by exploitability and exposure)
- Remediation recommendations for each finding
- Compliance status summary
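As an added example (not code from this command file or its repository), the following Python script shows how the dependency, code and reporting steps above fit together for a Node project like the one the command reads `@package.json` from: it parses constructed `npm audit --json` output (npm 7+ report shape), runs regex secret detection over constructed source snippets, applies the `[severity-level]` threshold, orders findings by severity and sets a halt flag whenever a critical finding remains. All package names, advisories, file paths and credentials are made up; the infrastructure step is left out because it needs the live environment.

```python
from __future__ import annotations

import json
import re
from dataclasses import asdict, dataclass

# Ordering used for the [severity-level] threshold and for prioritisation.
SEVERITY_RANK = {"low": 1, "medium": 2, "high": 3, "critical": 4}
SCAN_TYPES = ("dependencies", "code", "infrastructure", "all")


@dataclass
class Finding:
    source: str       # which scan produced it: "dependencies" or "code"
    severity: str     # key of SEVERITY_RANK
    title: str
    location: str     # package@range or path:line
    remediation: str


def parse_npm_audit(report_json: str) -> list[Finding]:
    """Turn `npm audit --json` output (npm 7+ shape) into Finding records."""
    report = json.loads(report_json)
    findings = []
    for name, vuln in report.get("vulnerabilities", {}).items():
        # `via` holds advisory objects for direct hits and package-name strings
        # when the package is only vulnerable through something it depends on.
        titles = [v["title"] for v in vuln.get("via", []) if isinstance(v, dict)]
        title = "; ".join(titles) if titles else "vulnerable via a transitive dependency"
        fix = vuln.get("fixAvailable")
        if isinstance(fix, dict):        # upgrade target is known
            remediation = f"upgrade {fix['name']} to {fix['version']}"
        elif fix:                        # `npm audit fix` can resolve it
            remediation = "run `npm audit fix`"
        else:                            # no published fix
            remediation = "no fix published; replace the package or pin and isolate it"
        findings.append(Finding("dependencies", vuln["severity"], title,
                                f"{name}@{vuln.get('range', '*')}", remediation))
    return findings


# Regexes for the secret-detection step. A credential that works on its own
# is critical; a generic hard-coded token needs triage and is rated high.
SECRET_PATTERNS = {
    "AWS access key ID": (re.compile(r"\bAKIA[0-9A-Z]{16}\b"), "critical"),
    "private key block": (re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"), "critical"),
    "hard-coded token": (re.compile(
        r"(?i)\b(?:api[_-]?key|secret|token)\b\s*[:=]\s*['\"][A-Za-z0-9_\-]{16,}['\"]"), "high"),
}


def scan_for_secrets(files: dict[str, str]) -> list[Finding]:
    """Regex-based secret detection over in-memory file contents."""
    findings = []
    for path, text in files.items():
        for lineno, line in enumerate(text.splitlines(), 1):
            for label, (pattern, severity) in SECRET_PATTERNS.items():
                if pattern.search(line):
                    findings.append(Finding("code", severity, f"{label} committed in source",
                                            f"{path}:{lineno}",
                                            "revoke the credential, then load it from a secret store"))
    return findings


def run_scan(scan_type: str = "all", min_severity: str = "medium", *,
             audit_json: str = "{}", files: dict[str, str] | None = None) -> dict:
    """Dispatch on the command's two arguments and build the prioritised report."""
    if scan_type not in SCAN_TYPES:
        raise ValueError(f"scan-type must be one of {SCAN_TYPES}")
    if min_severity not in SEVERITY_RANK:
        raise ValueError(f"severity-level must be one of {tuple(SEVERITY_RANK)}")
    findings: list[Finding] = []
    if scan_type in ("dependencies", "all"):
        findings += parse_npm_audit(audit_json)
    if scan_type in ("code", "all"):
        findings += scan_for_secrets(files or {})
    # The infrastructure step (config, network, access control) needs the live
    # environment and is deliberately not modelled in this offline example.
    threshold = SEVERITY_RANK[min_severity]
    kept = [f for f in findings if SEVERITY_RANK[f.severity] >= threshold]
    kept.sort(key=lambda f: SEVERITY_RANK[f.severity], reverse=True)  # stable: ties keep scan order
    counts = {s: sum(1 for f in kept if f.severity == s) for s in SEVERITY_RANK}
    return {
        "scan_type": scan_type,
        "min_severity": min_severity,
        "findings": [asdict(f) for f in kept],
        "counts": counts,
        "halt_deployment": counts["critical"] > 0,  # feeds the Critical Issues path
    }


# Constructed sample inputs (not real packages, advisories, keys or files).
SAMPLE_NPM_AUDIT = json.dumps({
    "auditReportVersion": 2,
    "vulnerabilities": {
        "example-pad": {"name": "example-pad", "severity": "low", "range": "<1.2.0",
                        "via": [{"title": "ReDoS in pad()"}], "fixAvailable": True},
        "example-parser": {"name": "example-parser", "severity": "critical", "range": "<=2.0.1",
                           "via": [{"title": "Prototype pollution"}],
                           "fixAvailable": {"name": "example-parser", "version": "2.0.2"}},
        "example-http": {"name": "example-http", "severity": "high", "range": "<0.9.0",
                         "via": ["example-parser"], "fixAvailable": False},
    },
})
SAMPLE_FILES = {
    "src/config.js": 'const apiKey = "sk_live_0123456789abcdef";\nexport const region = "eu-west-1";\n',
    "scripts/deploy.sh": "AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE\naws s3 sync ./dist s3://example-bucket\n",
}

if __name__ == "__main__":
    print(json.dumps(run_scan("all", "medium", audit_json=SAMPLE_NPM_AUDIT, files=SAMPLE_FILES), indent=2))
```

With the sample data and the command's defaults (`all`, `medium`) the low-severity advisory is dropped, the two critical findings (the dependency with a known upgrade and the committed AWS key) sort to the top, and `halt_deployment` is set, which is the signal the Critical Issues section below acts on. The threshold filters before counting on purpose: a report generated at `critical` should not claim there are zero high-severity findings, only that none were in scope.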
## Security Standards
- OWASP Top 10 compliance
- Industry security best practices
- Regulatory compliance (GDPR, HIPAA, SOC 2)
- Internal security policies
## Expected Outcome
- Comprehensive security assessment report
- Prioritized vulnerability list
- Detailed remediation guidance
- Compliance status validation
## Critical Issues

If critical vulnerabilities are found:
- Notify the security team immediately
- Produce an emergency remediation plan
- Recommend halting deployment until the critical findings are remediated
- Follow incident response procedures if the vulnerability may already have been exploited