security-scanning-security-hardening
Implement comprehensive security hardening with a defense-in-depth strategy through coordinated multi-agent orchestration:
[Extended thinking: This workflow implements a defense-in-depth security strategy across all application layers. It coordinates specialized security agents to perform comprehensive assessments, implement layered security controls, and establish continuous security monitoring. The approach follows modern DevSecOps principles with shift-left security, automated scanning, and compliance validation. Each phase builds upon previous findings to create a resilient security posture that addresses both current vulnerabilities and future threats.]
Use this skill when
- Running a coordinated security hardening program
- Establishing defense-in-depth controls across app, infra, and CI/CD
- Prioritizing remediation from scans and threat modeling
Do not use this skill when
- You only need a quick scan without remediation work
- You lack authorization for security testing or changes
- The environment cannot tolerate invasive security controls
Instructions
- Execute Phase 1 to establish a security baseline.
- Apply Phase 2 remediations for high-risk issues.
- Implement Phase 3 controls and validate defenses.
- Complete Phase 4 validation and compliance checks.
Safety
- Avoid intrusive testing in production without approval.
- Ensure rollback plans exist before hardening changes.
Phase 1: Comprehensive Security Assessment
🧠 Knowledge Modules (Fractal Skills)
1. Initial Vulnerability Scanning
2. Threat Modeling and Risk Analysis
3. Architecture Security Review
4. Critical Vulnerability Fixes
5. Backend Security Hardening
6. Frontend Security Implementation
7. Mobile Security Hardening
8. Authentication and Authorization Enhancement
9. Infrastructure Security Controls
10. Secrets Management Implementation
11. Penetration Testing and Validation
12. Compliance and Standards Verification
13. Security Monitoring and SIEM Integration