feat(prospecting): implement security audit pipeline (Workstream 2A)
Complete security audit integration into the enrichment pipeline:
Backend:
- SecurityAuditService with 7 passive checks: HTTPS, SSL cert, security
headers, exposed files, cookies, server info, technology detection
- Constants file with SECURITY_HEADERS, EXPOSED_PATHS, SEVERITY_SCORES
- SecurityAuditResponse schema with JSON field validators + aliases
- Endpoints: POST /security-audit/{id}, POST /security-audit/batch
- Added to full_enrichment pipeline (Step 5, before scoring)
- get_pending_security_audit() query in prospect_service
Frontend:
- Security tab on prospect detail page with grade badge (A+ to F),
score/100, severity counts, HTTPS/SSL status, missing headers,
exposed files, technologies, and full findings list
- "Run Security Audit" button with loading state
- "Security Audit" batch button on scan-jobs page
Tested on batirenovation-strasbourg.fr: Grade D (50/100), 11 issues
found (missing headers, exposed wp-login, server version disclosure).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
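The commit message describes a passive audit that grades a site from its HTTPS status, response headers and server banner. As an added example that is not the project's code, the block below implements that kind of header-only check on a constructed response: the header list, severity weights and grade thresholds are assumptions and are not the project's `SECURITY_HEADERS` / `SEVERITY_SCORES` constants. It makes no network requests; the headers are embedded inline so it runs offline.

```python
"""Passive security-header audit of one HTTP response (added example).

The constants below are assumed values for illustration, not the project's own
SECURITY_HEADERS, SEVERITY_SCORES or grading thresholds.
"""
from __future__ import annotations

from dataclasses import dataclass

# Assumed: header name (lower-case) -> severity of its absence.
SECURITY_HEADERS: dict[str, str] = {
    "strict-transport-security": "high",
    "content-security-policy": "high",
    "x-frame-options": "medium",
    "x-content-type-options": "medium",
    "referrer-policy": "low",
    "permissions-policy": "low",
}
# Assumed: points deducted from 100 per finding of each severity.
SEVERITY_SCORES: dict[str, int] = {"high": 15, "medium": 10, "low": 5}
# Assumed: minimum score for each grade; anything below the last entry is "F".
GRADE_THRESHOLDS: list[tuple[int, str]] = [
    (95, "A+"), (85, "A"), (75, "B"), (65, "C"), (50, "D"),
]


@dataclass(frozen=True)
class Finding:
    check: str      # which passive check raised it (https, security_headers, server_info)
    severity: str   # high / medium / low
    detail: str     # header name or human-readable explanation


@dataclass
class AuditResult:
    score: int
    grade: str
    findings: list[Finding]

    def missing_headers(self) -> list[str]:
        """Names of the security headers that were absent from the response."""
        return [f.detail for f in self.findings if f.check == "security_headers"]

    def severity_counts(self) -> dict[str, int]:
        counts = {"high": 0, "medium": 0, "low": 0}
        for f in self.findings:
            counts[f.severity] += 1
        return counts


def _grade(score: int) -> str:
    for threshold, grade in GRADE_THRESHOLDS:
        if score >= threshold:
            return grade
    return "F"


def audit_response(scheme: str, headers: dict[str, str]) -> AuditResult:
    """Run the passive checks against one response's scheme and header map.

    Header names are matched case-insensitively, as HTTP requires.
    """
    norm = {name.lower(): value for name, value in headers.items()}
    findings: list[Finding] = []

    # Check 1: transport. A non-HTTPS origin is a high-severity finding.
    if scheme.lower() != "https":
        findings.append(Finding("https", "high", "site is not served over HTTPS"))

    # Check 2: each expected security header that is absent is one finding.
    for name, severity in SECURITY_HEADERS.items():
        if name not in norm:
            findings.append(Finding("security_headers", severity, name))

    # Check 3: a Server banner containing digits is treated as version disclosure.
    server = norm.get("server", "")
    if any(ch.isdigit() for ch in server):
        findings.append(
            Finding("server_info", "low", f"Server header discloses a version: {server}")
        )

    penalty = sum(SEVERITY_SCORES[f.severity] for f in findings)
    score = max(0, 100 - penalty)
    return AuditResult(score=score, grade=_grade(score), findings=findings)


# Constructed sample response: HTTPS, but HSTS and CSP are missing and the
# Server banner carries a version string.
SAMPLE_HEADERS = {
    "Content-Type": "text/html; charset=utf-8",
    "Server": "Apache/2.4.41 (Ubuntu)",
    "X-Frame-Options": "SAMEORIGIN",
    "X-Content-Type-Options": "nosniff",
    "Referrer-Policy": "no-referrer",
    "Permissions-Policy": "geolocation=()",
}

if __name__ == "__main__":
    result = audit_response("https", SAMPLE_HEADERS)
    print(f"Grade {result.grade} ({result.score}/100), {len(result.findings)} issues")
    for finding in result.findings:
        print(f"  [{finding.severity}] {finding.check}: {finding.detail}")
```

The scoring is deliberately additive and bounded at zero so a site with many low-severity findings cannot score below one with a single critical one by accident; if the real service weights findings differently, only the two constant tables need to change.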
@@ -75,6 +75,7 @@ class ProspectDetailResponse(ProspectResponse):
tech_profile: "TechProfileResponse | None" = None
performance_profile: "PerformanceProfileResponse | None" = None
security_audit: "SecurityAuditResponse | None" = None
contacts: list["ProspectContactResponse"] = []
class Config:
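Review bot: the new `security_audit` field is declared with the string annotation `"SecurityAuditResponse | None"` while the class it names is imported further down the module (see the `# noqa: E402` imports after the class), so the forward reference can only resolve if the model is rebuilt after those imports; please confirm the module already calls `ProspectDetailResponse.model_rebuild()` (or the equivalent forward-ref update for the pydantic version in use) once `SecurityAuditResponse` is importable, as is presumably done for `tech_profile` and `performance_profile`. Separately, this embeds the full audit (missing headers, exposed files, server version disclosure) in every prospect detail response; a short comment or docstring noting that this detail is intentionally returned to all consumers of that endpoint would help reviewers, since the findings describe weaknesses of third-party sites.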
@@ -114,6 +115,9 @@ from app.modules.prospecting.schemas.performance_profile import (
PerformanceProfileResponse, # noqa: E402
)
from app.modules.prospecting.schemas.score import ProspectScoreResponse # noqa: E402
from app.modules.prospecting.schemas.security_audit import (
SecurityAuditResponse, # noqa: E402
)
from app.modules.prospecting.schemas.tech_profile import (
TechProfileResponse, # noqa: E402
)
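Review bot: the `security_audit` import follows the existing bottom-of-module `# noqa: E402` pattern used for `performance_profile` and `tech_profile`, which means the circular-import workaround now has a third participant; a one-line comment above this import group explaining why these schemas are imported after `ProspectDetailResponse` (and that any new nested response schema must be added here and to the forward-ref rebuild) would save the next contributor from importing `SecurityAuditResponse` at the top of the file and reintroducing the cycle. Also worth checking that `SecurityAuditResponse`'s JSON field validators and aliases mentioned in the commit message behave the same when the model is used nested here as when it is returned directly from `POST /security-audit/{id}`.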