Security Review Pack

Cloud security and compliance covering IAM policies, network segmentation, secrets management, encryption, container security, logging, and audit across AWS, GCP, and Azure.

Application security hardening covering OWASP ASVS, secure coding patterns, DevSecOps pipelines, dependency scanning, secrets management, and security headers.

Threat modeling and security architecture using STRIDE, DREAD, attack trees, data flow diagrams, trust boundaries, and risk-driven control selection.

Smart contract security auditing covering vulnerability taxonomy, static analysis, invariant testing, formal verification, exploit pattern analysis, and remediation for EVM and NEAR.

GDPR, CCPA/CPRA, and HIPAA compliance implementation covering lawful processing, consent management, privacy impact assessments, data subject rights, and breach notification protocols.

Open source license evaluation, compatibility analysis, SBOM generation, CLA/DCO workflows, and compliance auditing across permissive and copyleft licenses.

Output evaluation, hallucination detection, bias assessment, red-teaming, guardrails, content filtering, and EU AI Act compliance for AI systems.

WCAG 2.2 compliance guide covering POUR principles, semantic HTML, keyboard navigation, ARIA patterns, contrast ratios, and screen reader testing.

Production TypeScript guidance covering strict type system, advanced generics, discriminated unions, type narrowing, Zod validation, and type-safe database access.

Docker Compose stacks, media servers, home automation, monitoring, backup strategies, and privacy-focused self-hosted services.

Production Python guidance covering type safety, Pydantic v2, FastAPI services, async patterns, pytest testing, virtual environments, and performance profiling.

Apply Modern Portfolio Theory, tactical rebalancing, risk metrics, Kelly criterion position sizing, and tax optimization to portfolios from $50K to $5M.

Authorized penetration testing methodology covering reconnaissance, enumeration, exploitation, privilege escalation, and reporting with OWASP Top 10 focus.

Analyze options Greeks, pricing models, strategy selection, volatility regimes, and risk management for equity and index derivatives trading.

Analyze junior exploration and development-stage mining companies by evaluating drill results, NI 43-101 reports, geological risk, management execution, financing dilution, and commodity fundamentals.

Strategic IP protection advisor for patents, trademarks, copyrights, trade secrets, freedom-to-operate analysis, portfolio strategy, and international IP due diligence.

Security incident response leadership covering NIST 800-61 lifecycle, evidence preservation, malware triage, forensic analysis, communication protocols, and post-incident metrics.

Architect high-performing email campaigns with list segmentation, subject line optimization, drip sequence design, A/B testing, automation workflows, deliverability management, and CAN-SPAM/GDPR compliance.