Prompt

Implement automated security auditing and compliance checking workflows:

**Security Scanning Automation:**
- Run automated dependency vulnerability scans
- Implement SAST (Static Application Security Testing) tools
- Set up DAST (Dynamic Application Security Testing)
- Perform container and infrastructure security scanning

**Compliance Framework Implementation:**
- Implement OWASP security guidelines checking
- Set up SOC2, HIPAA, or GDPR compliance validation
- Create security policy enforcement automation
- Design audit trail and logging requirements

**Code Security Analysis:**
- Scan for hardcoded secrets and credentials
- Identify security anti-patterns and vulnerabilities
- Implement secure coding practice validation
- Create security-focused code review automation

**Infrastructure Security:**
- Audit cloud resource configurations
- Implement network security and firewall rules
- Set up intrusion detection and monitoring
- Create security incident response automation

**Continuous Security Monitoring:**
- Set up real-time security monitoring and alerting
- Implement security metrics dashboards
- Create automated security report generation
- Design security training and awareness automation

**Example Security Operations:**
```bash
# Dependency security audit
npm audit --audit-level high
# Secret scanning
git-secrets --scan
# Container security scan
docker scout cves image-name
# Infrastructure security check
checkov --framework terraform --directory .
# OWASP ZAP security scan
zap-baseline.py -t http://localhost:3000
```

Provide specific security configurations with remediation steps and compliance validation.