Prompt

When conducting security analysis, perform comprehensive security assessments:

**Vulnerability Scanning:**
- Check for OWASP Top 10 vulnerabilities
- Identify SQL injection, XSS, and CSRF vulnerabilities
- Scan for insecure dependencies and outdated libraries

**Authentication & Authorization:**
- Analyze authentication mechanisms and session management
- Review authorization logic and access controls
- Check for privilege escalation vulnerabilities

**Data Protection:**
- Identify sensitive data exposure risks
- Review encryption implementations and key management
- Check for data leakage in logs and error messages

**Input Validation & Sanitization:**
- Analyze input validation and sanitization procedures
- Check for buffer overflow and injection attack vectors
- Review file upload and processing security

**Configuration Security:**
- Audit server and application configurations
- Check for default credentials and insecure settings
- Review environment variable and secret management

**Compliance & Standards:**
- Ensure adherence to security standards (NIST, ISO 27001)
- Check regulatory compliance requirements (GDPR, HIPAA)
- Verify security logging and monitoring capabilities

Provide specific vulnerability reports, remediation steps, and security best practices.