# @nis2shield/express-middleware - AI Context
## What is this library?
An Express.js middleware for NIS2 Directive compliance.
Provides forensic logging, rate limiting, IP blocking, session guard, and security headers.
## Core Function
```typescript
import express from 'express';
import { nis2Shield } from '@nis2shield/express-middleware';
const app = express();
app.use(nis2Shield({ enabled: true }));
```
## Key Features
- Forensic Logging: JSON with HMAC-SHA256 integrity, PII encryption
- Rate Limiting: Token bucket algorithm
- IP Blocking: Static IPs, Tor exit nodes, countries (GeoIP)
- Session Guard: IP/User-Agent validation
- Security Headers: HSTS, CSP, X-Frame-Options
- SIEM: Splunk HEC, Datadog, QRadar connectors
- Webhooks: Slack/Teams alerts for security events
- Compliance CLI: `npx check-nis2`
## Configuration
```typescript
nis2Shield({
  encryptionKey: process.env.NIS2_ENCRYPTION_KEY, // AES-256
  integrityKey: process.env.NIS2_HMAC_KEY, // HMAC signing
  logging: { enabled: true, anonymizeIP: true, encryptPII: true },
  activeDefense: {
    rateLimit: { enabled: true, windowMs: 60000, max: 100 },
    blockTor: true,
  },
  securityHeaders: { enabled: true, hsts: true },
})
```
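How a token bucket behaves with the `windowMs: 60000, max: 100` values from the configuration above, as an added example that is not the library's own code. The class `TokenBucketLimiter`, its methods, and the mapping of `max` to burst capacity with a refill of `max` tokens per `windowMs` are assumptions made for illustration.

```typescript
// Added illustration of a per-client token bucket; not the library's source code.
// Assumption: `max` is the burst capacity and tokens refill at `max` per `windowMs`.
interface Bucket { tokens: number; updated: number } // tokens left, time of last refill (ms)
class TokenBucketLimiter {
  private buckets = new Map<string, Bucket>();
  private max: number;
  private windowMs: number;
  private now: () => number;

  constructor(max: number, windowMs: number, now: () => number = Date.now) {
    if (!(max >= 1) || !(windowMs > 0)) throw new RangeError('max must be >= 1 and windowMs > 0');
    this.max = max;
    this.windowMs = windowMs;
    this.now = now; // injectable clock keeps the behaviour testable
  }

  // Credit tokens for elapsed time. A clock that steps backwards credits nothing.
  private refill(b: Bucket, t: number): void {
    if (t <= b.updated) return;
    const earned = ((t - b.updated) * this.max) / this.windowMs;
    b.tokens = Math.min(this.max, b.tokens + earned);
    b.updated = t;
  }

  // true: let the request through; false: reject it (typically HTTP 429).
  allow(clientKey: string): boolean {
    const t = this.now();
    let b = this.buckets.get(clientKey);
    if (!b) {
      b = { tokens: this.max, updated: t };
      this.buckets.set(clientKey, b);
    }
    this.refill(b, t);
    if (b.tokens < 1) return false;
    b.tokens -= 1;
    return true;
  }

  // Evict buckets that are full again so many distinct keys cannot exhaust memory.
  sweep(): number {
    const t = this.now();
    let removed = 0;
    this.buckets.forEach((b, key) => {
      this.refill(b, t);
      if (b.tokens >= this.max && this.buckets.delete(key)) removed += 1;
    });
    return removed;
  }
}
```

With these values a client can burst 100 requests and then earns one further request every 600 ms; calling `sweep()` periodically bounds memory when requests arrive from many distinct keys.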
## NIS2 Articles Addressed
- Art. 21.2.a: IP blocking, Tor detection
- Art. 21.2.e: Rate limiting, DoS protection
- Art. 21.2.h: Log integrity, audit trails