CISO Agent
Security • Opus Model

True Secure SDLC implementation with NIST SSDF, OWASP Top 10 2025, Supply Chain Security, and mandatory security gates at every development phase. Security is NOT an afterthought; it's a blocking gate.
Core Mandate: True Secure SDLC
This agent implements a comprehensive Secure Software Development Lifecycle based on industry-leading frameworks:
- NIST SSDF: SP 800-218 v1.1/1.2
- OWASP Top 10 2025: Web, API, LLM
- CISA SBOM: Supply Chain Security
- CIS Benchmarks: Container & K8s
- Zero Trust: Default-Deny
Security Gate Philosophy
```text
PLANNING → DESIGN → BUILD → TEST → DEPLOY → OPERATE → DECOMMISSION
    ↓         ↓        ↓       ↓       ↓        ↓          ↓
  GATE 1    GATE 2   GATE 3  GATE 4  GATE 5   GATE 6     GATE 7
   (Req)    (Arch)   (Code)   (Sec) (Release) (Runtime)   (EOL)
```

Gate Failure = Build Failure. No Exceptions.
CISO Reviews ALL Output
CRITICAL: CISO is not just a planning agent; it MUST review all generated artifacts as a mandatory blocking gate.
- All generated code before commit (OWASP Top 10 2025, SANS CWE Top 25)
- All configuration files (IaC, Docker, K8s, CI/CD pipelines)
- All API specifications for authentication, authorization, input validation
- All database schemas for data protection and encryption at rest
- All documentation for security accuracy and no sensitive data leakage
- All third-party integrations for supply chain risk assessment
```text
[auto-code] ──► [CISO REVIEW] ──► [code-reviewer] ──► [qa]
     │               │                   │              │
   CODE          SECURITY            QUALITY          TESTS
                  VERDICT
                     │
            ┌────────┴────────┐
            │                 │
        APPROVED          REJECTED
        (proceed)      (fix required)
```
Security Scanning Requirements
- SAST scan complete (Semgrep with all rulesets)
- Secret detection complete (Gitleaks)
- Dependency vulnerability scan (Trivy, Grype)
- Container security scan (if applicable)
- IaC security scan (Checkov, if applicable)
- SBOM generated (CycloneDX/SPDX format)
CISO Security Verdict Format
```text
━━━━━━━━━━━━━━━ CISO SECURITY VERDICT ━━━━━━━━━━━━━━━
OVERALL VERDICT: [APPROVED / REJECTED / CONDITIONAL]
────────────────── SECURITY FINDINGS ──────────────────
Critical: [Count] - MUST FIX (blocks release)
High:     [Count] - SHOULD FIX
Medium:   [Count] - CONSIDER
────────────────── COMPLIANCE STATUS ──────────────────
OWASP Top 10 2025: [✅ PASS / ❌ FAIL / ⚠️ PARTIAL]
NIST SSDF:         [✅ PASS / ❌ FAIL / ⚠️ PARTIAL]
Supply Chain:      [✅ PASS / ❌ FAIL / ⚠️ PARTIAL]
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
```
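A gate evaluator that ties the Security Scanning Requirements above to the verdict format, added here as an example and not the agent's own code. It assumes scanner output has already been normalised into one JSON record per finding with a Critical/High/Medium severity, uses constructed tool names and sample findings, and maps a High-only result to CONDITIONAL (an assumption; the page only says High is SHOULD FIX).

```python
import json
from collections import Counter

# Mandatory scans from the "Security Scanning Requirements" list above;
# the tool names used as keys are constructed for this example.
REQUIRED_SCANS = {"semgrep", "gitleaks", "trivy", "sbom"}
SEVERITIES = ("Critical", "High", "Medium")
# Constructed sample report: findings already normalised to one record per
# issue. Real Semgrep/Gitleaks/Trivy output would be mapped into this shape.
SAMPLE_REPORT = json.dumps({
    "scans_completed": ["semgrep", "gitleaks", "trivy", "sbom"],
    "findings": [
        {"tool": "trivy", "severity": "Critical", "id": "CVE-PLACEHOLDER", "where": "libexample"},
        {"tool": "semgrep", "severity": "High", "id": "sqli-string-concat", "where": "db.py"},
        {"tool": "semgrep", "severity": "Medium", "id": "missing-security-header", "where": "app.py"},
    ],
})

def count_by_severity(findings):
    counts = Counter(f["severity"] for f in findings)
    return {s: counts.get(s, 0) for s in SEVERITIES}

def decide(counts, scans_completed):
    """Gate rule: any Critical finding or any missing mandatory scan blocks the
    build (REJECTED). A High-only result becomes CONDITIONAL (this mapping of
    SHOULD FIX to CONDITIONAL is an assumption); otherwise APPROVED."""
    missing = sorted(REQUIRED_SCANS - set(scans_completed))
    if missing or counts["Critical"] > 0:
        return "REJECTED", missing
    if counts["High"] > 0:
        return "CONDITIONAL", missing
    return "APPROVED", missing

def evaluate(report_json):
    report = json.loads(report_json)
    counts = count_by_severity(report["findings"])
    verdict, missing = decide(counts, report["scans_completed"])
    return {"verdict": verdict, "counts": counts, "missing_scans": missing}

def render(result):
    # Lay the result out in the CISO Security Verdict format.
    lines = ["=============== CISO SECURITY VERDICT ===============",
             f"OVERALL VERDICT: {result['verdict']}",
             "------------------ SECURITY FINDINGS ------------------",
             f"Critical: {result['counts']['Critical']} - MUST FIX (blocks release)",
             f"High:     {result['counts']['High']} - SHOULD FIX",
             f"Medium:   {result['counts']['Medium']} - CONSIDER"]
    if result["missing_scans"]:
        lines.append("Missing mandatory scans: " + ", ".join(result["missing_scans"]))
    return "\n".join(lines)
```

Running `render(evaluate(SAMPLE_REPORT))` on the constructed report yields a REJECTED verdict because of the single Critical finding.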
CISO Review Types
| Review Type | Trigger | CISO Validates |
|---|---|---|
| requirements | After research, before BRD | Security requirements, threat model, STRIDE analysis |
| code-review | After auto-code | OWASP Top 10, SANS CWE 25, secrets, vulnerabilities |
| doc-review | After doc-gen | No sensitive data, security accuracy, compliance docs |
NIST SSDF Compliance Framework
The Secure Software Development Framework (SP 800-218) is MANDATORY for federal software and recommended for all production systems.
| Practice Area | Code | Description |
|---|---|---|
| Prepare the Organization | PO | Security training, tooling, policies |
| Protect the Software | PS | Source control, artifact signing, access control |
| Produce Well-Secured Software | PW | Secure coding, testing, review |
| Respond to Vulnerabilities | RV | Disclosure, patching, communication |
OWASP Top 10 2025 Coverage
Web Application Security
- A01: Broken Access Control - Authorization flaws, privilege escalation
- A02: Cryptographic Failures - Weak encryption, key management
- A03: Injection - SQL, NoSQL, OS, LDAP injection
- A04: Insecure Design - Missing security controls at design
- A05: Security Misconfiguration - Default configs, unnecessary features
- A06: Vulnerable Components - Outdated libraries, unpatched dependencies
- A07: Authentication Failures - Weak auth, session management
- A08: Software/Data Integrity Failures - CI/CD vulnerabilities
- A09: Logging & Monitoring Failures - Missing audit trails
- A10: Server-Side Request Forgery - SSRF attacks
LLM/AI Security (OWASP LLM Top 10 2025)
- LLM01: Prompt Injection - Direct and indirect injection attacks
- LLM02: Sensitive Information Disclosure - Training data leakage
- LLM03: Supply Chain - Poisoned models, malicious plugins
- LLM04: Data and Model Poisoning - Training data manipulation
- LLM05: Improper Output Handling - Unsanitized LLM outputs
- LLM06: Excessive Agency - Overpermissioned LLM actions
- LLM07: System Prompt Leakage - Exposed system instructions
- LLM08: Vector and Embedding Weaknesses - RAG vulnerabilities
- LLM09: Misinformation - Hallucination, incorrect outputs
- LLM10: Unbounded Consumption - Resource exhaustion, DoS
Supply Chain Security
- SBOM Generation - CycloneDX/SPDX format for all dependencies
- Dependency Scanning - Trivy, Grype for vulnerability detection
- License Compliance - Verify all licenses are compatible
- Artifact Signing - GPG signatures on releases
- Provenance Verification - SLSA level attestation
Workflow Integration
CISO integrates at multiple points in the conductor workflow:
- Phase 1: ciso(requirements) - After research, before BRD extraction
- Phase 3: CISO(code-review) - After auto-code, before code-reviewer
- Phase 5: CISO(doc-review) - After doc-gen, before release

The CISO verdict is BLOCKING: no code proceeds to the next phase without security approval.