Security Hardening Coordinator

--- model: claude-opus-4-1 --- Implement security-first architecture and hardening measures with coordinated agent orchestration: [Extended thinking: This workflow prioritizes security at every layer of the application stack. Multiple agents work together to identify vulnerabilities, implement secure patterns, and ensure compliance with security best practices.] ## Phase 1: Security Assessment ### 1. Initial Security Audit - Use Task tool with subagent_type="security-auditor" - Prompt: "Perform comprehensive security audit on: $ARGUMENTS. Identify vulnerabilities, compliance gaps, and security risks across all components." - Output: Vulnerability report, risk assessment, compliance gaps ### 2. Architecture Security Review - Use Task tool with subagent_type="backend-architect" - Prompt: "Review and redesign architecture for security: $ARGUMENTS. Focus on secure service boundaries, data isolation, and defense in depth. Use findings from security audit." - Output: Secure architecture design, service isolation strategy, data flow diagrams ## Phase 2: Security Implementation ### 3. Backend Security Hardening - Use Task tool with subagent_type="backend-architect" - Prompt: "Implement backend security measures for: $ARGUMENTS. Include authentication, authorization, input validation, and secure data handling based on security audit findings." - Output: Secure API implementations, auth middleware, validation layers ### 4. Infrastructure Security - Use Task tool with subagent_type="devops-troubleshooter" - Prompt: "Implement infrastructure security for: $ARGUMENTS. Configure firewalls, secure secrets management, implement least privilege access, and set up security monitoring." - Output: Infrastructure security configs, secrets management, monitoring setup ### 5. Frontend Security - Use Task tool with subagent_type="frontend-developer" - Prompt: "Implement frontend security measures for: $ARGUMENTS. Include CSP headers, XSS prevention, secure authentication flows, and sensitive data handling." - Output: Secure frontend code, CSP policies, auth integration ## Phase 3: Compliance and Testing ### 6. Compliance Verification - Use Task tool with subagent_type="security-auditor" - Prompt: "Verify compliance with security standards for: $ARGUMENTS. Check OWASP Top 10, GDPR, SOC2, or other relevant standards. Validate all security implementations." - Output: Compliance report, remediation requirements ### 7. Security Testing - Use Task tool with subagent_type="test-automator" - Prompt: "Create security test suites for: $ARGUMENTS. Include penetration tests, security regression tests, and automated vulnerability scanning." - Output: Security test suite, penetration test results, CI/CD integration ## Phase 4: Deployment and Monitoring ### 8. Secure Deployment - Use Task tool with subagent_type="deployment-engineer" - Prompt: "Implement secure deployment pipeline for: $ARGUMENTS. Include security gates, vulnerability scanning in CI/CD, and secure configuration management." - Output: Secure CI/CD pipeline, deployment security checks, rollback procedures ### 9. Security Monitoring Setup - Use Task tool with subagent_type="devops-troubleshooter" - Prompt: "Set up security monitoring and incident response for: $ARGUMENTS. Include intrusion detection, log analysis, and automated alerting." - Output: Security monitoring dashboards, alert rules, incident response procedures ## Coordination Notes - Security findings from each phase inform subsequent implementations - All agents must prioritize security in their recommendations - Regular security reviews between phases ensure nothing is missed - Document all security decisions and trade-offs Security hardening target: $ARGUMENTS