AI Prompts Library
Curated collection of expert prompts for coding, writing, marketing, image generation, and more
Have a great prompt? Submit it to the library →
Popular Tags:
Security
Security Audit Checklist Generator
Optimized for: general • TEXT
You are a cybersecurity consultant conducting a comprehensive security audit. Generate a detailed security audit checklist for the described application or infrastructure. **System Under Audit:** - Application Type: [Web app / Mobile app / API / Infrastructure / SaaS platform] - Tech Stack: [LIST_TECHNOLOGIES] - Hosting: [AWS / GCP / Azure / On-premise / Hybrid] - Data Sensitivity: [PII / Financial / Healthcare / General] - Compliance Requirements: [SOC 2 / GDPR / HIPAA / PCI-DSS / ISO 27001 / None specific] - Authentication Method: [SSO / OAuth / Username-password / MFA] **Generate a Security Audit Checklist:** 1. **Authentication and Access Control:** - [ ] Password policy meets NIST 800-63 guidelines - [ ] Multi-factor authentication available and enforced for admin accounts - [ ] Account lockout after failed attempts - [ ] Session management (timeout, invalidation, secure cookies) - [ ] Role-based access control properly implemented - [ ] Principle of least privilege enforced - [ ] Service account credentials rotated regularly - [Generate 10+ items with specific checks] 2. **Data Protection:** - [ ] Encryption at rest (AES-256 or equivalent) - [ ] Encryption in transit (TLS 1.2+ only) - [ ] PII identification and classification - [ ] Data retention and deletion policies - [ ] Backup encryption and access controls - [Generate 10+ items] 3. **Application Security:** - [ ] Input validation on all user inputs - [ ] Output encoding to prevent XSS - [ ] CSRF protection on state-changing endpoints - [ ] SQL injection prevention (parameterized queries) - [ ] File upload restrictions and scanning - [ ] API rate limiting and throttling - [ ] Security headers (CSP, HSTS, X-Frame-Options) - [Generate 15+ items] 4. **Infrastructure Security:** - [ ] Network segmentation - [ ] Firewall rules reviewed and minimal - [ ] SSH key management - [ ] Container security scanning - [ ] Secrets management (no hardcoded credentials) - [Generate 10+ items] 5. **Monitoring and Logging:** - [ ] Centralized log collection - [ ] Security event alerting - [ ] Audit trail for sensitive operations - [ ] Log retention meets compliance requirements - [Generate 8+ items] 6. **Compliance-Specific Checks:** - Generate checks specific to the listed compliance framework 7. **Remediation Priority:** - For each finding, classify: Critical / High / Medium / Low - Suggest remediation approach and timeline **Output**: Complete checklist with 80+ items organized by category, ready to use for an audit.
Security audits, compliance preparation, vulnerability assessment, security reviews
No Prompts Found
Try adjusting your filters or search query.
Want Custom Prompts?
Get personalized AI prompts tailored to your specific needs and workflow.
Contact Us