sdd-security-check

Community

Automates OWASP-aligned security audits for code.

Author: yi-john-huang
Version: 1.0.0
Installs: 0

System Documentation

What problem does it solve?

Perform comprehensive security audits aligned with OWASP Top 10 and security best practices. Identify vulnerabilities before they reach production.

Core Features & Use Cases

  • A01: Broken Access Control checks to verify authorization on endpoints and to catch Insecure Direct Object References (IDOR) and missing function-level access control.
  • A02: Cryptographic Failures checks for weak algorithms, hardcoded secrets, and insufficient encryption at rest.
  • A03: Injection checks to prevent SQL/NoSQL/command/template injection through input handling and parameterization.
  • A04: Insecure Design checks for missing rate limiting, brute force protection, predictable resource IDs, and threat modeling gaps.
  • A05: Security Misconfiguration checks for debug mode in production, default credentials, security headers, verbose error messages, and related misconfigurations.
  • A06: Vulnerable Components checks via dependency review and CVE awareness (guided by npm audit).
  • A07: Authentication Failures checks for session security practices and password hygiene.
  • A08: Software and Data Integrity Failures checks for unsigned artifacts and insecure CI/CD practices.
  • A09: Security Logging and Monitoring Failures checks to ensure secure logging practices and auditable trails.
  • A10: Server-Side Request Forgery checks to validate outbound URLs and prevent misuse.

Quick Start

Run the security check against your codebase to produce a comprehensive security audit report.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Copy and paste the text below into Claude Code.

Please help me install this Skill:
Name: sdd-security-check
Download link: https://github.com/yi-john-huang/sdd-mcp/archive/main.zip#sdd-security-check

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.