Code
Documentation
API Reference
Security Advisories
Releases
Contributing
License
\n secure-core / main
Default branch
src
feat: add zero-trust auth middleware
2 hours ago
docs
docs: update threat modeling guide
5 hours ago
tests
test: coverage for encryption module
1 day ago
README.md
chore: update badges & version
3 days ago
package.json
deps: bump crypto-utils to v2.4.1
4 days ago
SECURITY.md
docs: add vulnerability disclosure
1 week ago
.github/workflows/ci.yml
ci: enable sast scanning
1 week ago
๐ก๏ธ secure-core
โ CI Passing๐ SAST CleanMIT
Enterprise-grade cryptographic primitives and zero-trust authentication middleware for modern security architectures. Built by CyberVault's Open Security Initiative.
๐ Core Features
- Hardware-backed key derivation (SHA3-256, Argon2id)
- Zero-knowledge proof authentication flows
- Automatic secret rotation & vault integration
- FIPS 140-3 & Common Criteria EAL4+ compliant modules
๐ Quick Start
npm install @cybervault/secure-core
import { Vault, ZeroTrust } from '@cybervault/secure-core';
const vault = new Vault({
provider: 'hsm',
region: 'us-east-1',
autoRotate: true
});
const auth = new ZeroTrust({
mfa: 'webauthn',
deviceBinding: true,
sessionTimeout: 3600
});๐ก๏ธ Security & Compliance
All cryptographic operations are executed in isolated memory contexts with constant-time comparison routines to prevent timing attacks. Regular third-party audits are published in the audits/ directory.
๐ง Report vulnerabilities: security@cybervault.dev (PGP Key available in SECURITY.md)