{
  "scan_metadata": {
    "tool": "mockupAWS Security Scanner",
    "version": "1.0.0",
    "scan_date": "2026-04-07T00:00:00Z",
    "target": "mockupAWS v1.0.0"
  },
  "security_configuration": {
    "severity_thresholds": {
      "critical": {
        "max_allowed": 0,
        "action": "block_deployment"
      },
      "high": {
        "max_allowed": 5,
        "action": "require_approval"
      },
      "medium": {
        "max_allowed": 20,
        "action": "track"
      },
      "low": {
        "max_allowed": 100,
        "action": "track"
      }
    },
    "scan_tools": {
      "dependency_scanning": {
        "tool": "Snyk",
        "enabled": true,
        "scopes": ["python", "nodejs"],
        "severity_threshold": "high"
      },
      "sast": {
        "tool": "SonarQube",
        "enabled": true,
        "quality_gate": "strict",
        "coverage_threshold": 80
      },
      "container_scanning": {
        "tool": "Trivy",
        "enabled": true,
        "scan_types": ["filesystem", "container_image", "dockerfile"],
        "severity_threshold": "high"
      },
      "secrets_scanning": {
        "tool": "GitLeaks",
        "enabled": true,
        "scan_depth": "full_history",
        "entropy_checks": true
      },
      "dast": {
        "tool": "OWASP ZAP",
        "enabled": true,
        "scan_type": "baseline",
        "target_url": "http://localhost:8000"
      }
    }
  },
  "compliance_standards": {
    "owasp_top_10": {
      "enabled": true,
      "checks": [
        "A01:2021 - Broken Access Control",
        "A02:2021 - Cryptographic Failures",
        "A03:2021 - Injection",
        "A04:2021 - Insecure Design",
        "A05:2021 - Security Misconfiguration",
        "A06:2021 - Vulnerable and Outdated Components",
        "A07:2021 - Identification and Authentication Failures",
        "A08:2021 - Software and Data Integrity Failures",
        "A09:2021 - Security Logging and Monitoring Failures",
        "A10:2021 - Server-Side Request Forgery"
      ]
    },
    "gdpr": {
      "enabled": true,
      "checks": [
        "Data encryption at rest",
        "Data encryption in transit",
        "PII detection and masking",
        "Data retention policies",
        "Right to erasure support"
      ]
    },
    "soc2": {
      "enabled": true,
      "type": "Type II",
      "trust_service_criteria": [
        "Security",
        "Availability",
        "Processing Integrity",
        "Confidentiality"
      ]
    }
  },
  "remediation_workflows": {
    "critical": {
      "sla_hours": 24,
      "escalation": "immediate",
      "notification_channels": ["email", "slack", "pagerduty"]
    },
    "high": {
      "sla_hours": 72,
      "escalation": "daily",
      "notification_channels": ["email", "slack"]
    },
    "medium": {
      "sla_hours": 168,
      "escalation": "weekly",
      "notification_channels": ["email"]
    },
    "low": {
      "sla_hours": 720,
      "escalation": "monthly",
      "notification_channels": ["email"]
    }
  },
  "reporting": {
    "formats": ["json", "sarif", "html", "pdf"],
    "retention_days": 365,
    "dashboard_url": "https://security.mockupaws.com",
    "notifications": {
      "email": "security@mockupaws.com",
      "slack_webhook": "${SLACK_SECURITY_WEBHOOK}"
    }
  }
}