senior-secops

Compare original and translation side by side

🇺🇸

Original

English

🇨🇳

Translation

Chinese

Senior Secops

资深SecOps工具包

Complete toolkit for senior secops with modern tools and best practices.

为资深SecOps人员打造的完整工具包，包含现代化工具与最佳实践。

Quick Start

快速开始

Main Capabilities

核心能力

This skill provides three core capabilities through automated scripts:

bash

undefined

本技能通过自动化脚本提供三项核心功能：

bash

undefined

Script 1: Security Scanner

python scripts/security_scanner.py [options]

Script 2: Vulnerability Assessor

python scripts/vulnerability_assessor.py [options]

Script 3: Compliance Checker

python scripts/compliance_checker.py [options]

undefined

python scripts/compliance_checker.py [options]

undefined

Core Capabilities

核心功能

1. Security Scanner

1. 安全扫描器

Automated tool for security scanner tasks.

Features:

Automated scaffolding
Best practices built-in
Configurable templates
Quality checks

Usage:

bash

python scripts/security_scanner.py <project-path> [options]

用于安全扫描任务的自动化工具。

特性：

自动化脚手架搭建
内置最佳实践
可配置模板
质量检查

使用方法：

bash

python scripts/security_scanner.py <project-path> [options]

2. Vulnerability Assessor

2. 漏洞评估工具

Comprehensive analysis and optimization tool.

Features:

Deep analysis
Performance metrics
Recommendations
Automated fixes

Usage:

bash

python scripts/vulnerability_assessor.py <target-path> [--verbose]

全面的分析与优化工具。

特性：

深度分析
性能指标
优化建议
自动化修复

使用方法：

bash

python scripts/vulnerability_assessor.py <target-path> [--verbose]

3. Compliance Checker

3. 合规检查工具

Advanced tooling for specialized tasks.

Features:

Expert-level automation
Custom configurations
Integration ready
Production-grade output

Usage:

bash

python scripts/compliance_checker.py [arguments] [options]

用于专项任务的高级工具集。

特性：

专家级自动化
自定义配置
可集成
生产级输出

使用方法：

bash

python scripts/compliance_checker.py [arguments] [options]

Reference Documentation

参考文档

Security Standards

安全标准

Comprehensive guide available in

references/security_standards.md

Detailed patterns and practices
Code examples
Best practices
Anti-patterns to avoid
Real-world scenarios

完整指南请查看

references/security_standards.md

：

详细的模式与实践
代码示例
最佳实践
需避免的反模式
真实场景案例

Vulnerability Management Guide

漏洞管理指南

Complete workflow documentation in

references/vulnerability_management_guide.md

Step-by-step processes
Optimization strategies
Tool integrations
Performance tuning
Troubleshooting guide

完整工作流文档请查看

references/vulnerability_management_guide.md

：

分步流程
优化策略
工具集成
性能调优
故障排除指南

Compliance Requirements

合规要求

Technical reference guide in

references/compliance_requirements.md

Technology stack details
Configuration examples
Integration patterns
Security considerations
Scalability guidelines

技术参考指南请查看

references/compliance_requirements.md

：

技术栈细节
配置示例
集成模式
安全考量
可扩展性指导

Tech Stack

技术栈

Languages: TypeScript, JavaScript, Python, Go, Swift, Kotlin Frontend: React, Next.js, React Native, Flutter Backend: Node.js, Express, GraphQL, REST APIs Database: PostgreSQL, Prisma, NeonDB, Supabase DevOps: Docker, Kubernetes, Terraform, GitHub Actions, CircleCI Cloud: AWS, GCP, Azure

编程语言： TypeScript, JavaScript, Python, Go, Swift, Kotlin 前端： React, Next.js, React Native, Flutter 后端： Node.js, Express, GraphQL, REST APIs 数据库： PostgreSQL, Prisma, NeonDB, Supabase DevOps工具： Docker, Kubernetes, Terraform, GitHub Actions, CircleCI 云服务： AWS, GCP, Azure

Development Workflow

开发工作流

1. Setup and Configuration

1. 安装与配置

bash

undefined

bash

undefined

Install dependencies

安装依赖

npm install

or

或

pip install -r requirements.txt

Configure environment

配置环境变量

cp .env.example .env

undefined

cp .env.example .env

undefined

2. Run Quality Checks

2. 运行质量检查

bash

undefined

bash

undefined

Use the analyzer script

使用分析脚本

python scripts/vulnerability_assessor.py .

Review recommendations

查看优化建议

Apply fixes

应用修复方案

undefined

undefined

3. Implement Best Practices

3. 遵循最佳实践

Follow the patterns and practices documented in:

```
references/security_standards.md
```

references/vulnerability_management_guide.md

```
references/compliance_requirements.md
```

请遵循以下文档中的模式与实践：

```
references/security_standards.md
```

references/vulnerability_management_guide.md

```
references/compliance_requirements.md
```

Best Practices Summary

最佳实践总结

Code Quality

代码质量

Follow established patterns
Write comprehensive tests
Document decisions
Review regularly

遵循既定模式
编写全面的测试用例
记录决策过程
定期评审

Performance

性能

Measure before optimizing
Use appropriate caching
Optimize critical paths
Monitor in production

先测量再优化
使用合适的缓存策略
优化关键路径
生产环境监控

Security

安全

Validate all inputs
Use parameterized queries
Implement proper authentication
Keep dependencies updated

验证所有输入
使用参数化查询
实现恰当的认证机制
保持依赖更新

Maintainability

可维护性

Write clear code
Use consistent naming
Add helpful comments
Keep it simple

编写清晰的代码
使用一致的命名规范
添加有用的注释
保持简洁

Common Commands

常用命令

bash

undefined

bash

undefined

Development

开发

npm run dev npm run build npm run test npm run lint

Analysis

分析

python scripts/vulnerability_assessor.py . python scripts/compliance_checker.py --analyze

Deployment

部署

docker build -t app:latest . docker-compose up -d kubectl apply -f k8s/

undefined

docker build -t app:latest . docker-compose up -d kubectl apply -f k8s/

undefined

Troubleshooting

故障排除

Common Issues

常见问题

Check the comprehensive troubleshooting section in

references/compliance_requirements.md

请查看

references/compliance_requirements.md

中的完整故障排除章节。

Getting Help

获取帮助

Review reference documentation
Check script output messages
Consult tech stack documentation
Review error logs

查阅参考文档
检查脚本输出信息
参考技术栈文档
查看错误日志

Resources

资源

Pattern Reference:
```
references/security_standards.md
```

Workflow Guide:

references/vulnerability_management_guide.md

Technical Guide:
```
references/compliance_requirements.md
```
Tool Scripts:
```
scripts/
```
directory

模式参考：
```
references/security_standards.md
```

工作流指南：

references/vulnerability_management_guide.md

技术指南：
```
references/compliance_requirements.md
```
工具脚本：
```
scripts/
```
目录