import json
import math
import re
import hashlib
import datetime
import base64
import html
from typing import Dict, List, Optional, Any, Union

class ComprehensiveSecurityAssessment:
    """
    Comprehensive security assessment coordinator
    Integrates all security modules and generates unified reports
    """
    
    def __init__(self):
        self.assessment_modules = {}
        self.overall_vulnerabilities = []
        self.assessment_summary = {}
        
    def load_assessment_modules(self):
        """Load all security assessment modules"""
        # Import individual assessment modules
        from authentication_security import AuthenticationSecurityAssessment
        from authorization_testing import AuthorizationControlTesting
        from session_management import SessionManagementSecurity
        from input_validation import InputValidationSecurityScanner
        
        self.assessment_modules = {
            "authentication": AuthenticationSecurityAssessment(),
            "authorization": AuthorizationControlTesting(),
            "session_management": SessionManagementSecurity(),
            "input_validation": InputValidationSecurityScanner()
        }
    
    def run_comprehensive_assessment(self, config: Dict) -> Dict:
        """Run comprehensive security assessment across all modules"""
        assessment_results = {
            "assessment_metadata": {
                "start_time": datetime.datetime.now().isoformat(),
                "assessment_version": "1.0",
                "assessed_components": list(self.assessment_modules.keys()),
                "configuration": config
            },
            "module_results": {},
            "vulnerability_summary": {},
            "risk_assessment": {},
            "remediation_plan": {}
        }
        
        # Run assessments for each module
        for module_name, module in self.assessment_modules.items():
            try:
                module_config = config.get(module_name, {})
                
                if module_name == "authentication":
                    result = self._run_authentication_assessment(module, module_config)
                elif module_name == "authorization":
                    result = self._run_authorization_assessment(module, module_config)
                elif module_name == "session_management":
                    result = self._run_session_assessment(module, module_config)
                elif module_name == "input_validation":
                    result = self._run_input_validation_assessment(module, module_config)
                else:
                    result = {"error": f"Unknown module: {module_name}"}
                
                assessment_results["module_results"][module_name] = result
                
                # Collect vulnerabilities
                if "vulnerabilities" in result:
                    self.overall_vulnerabilities.extend([
                        {
                            "module": module_name,
                            **vuln
                        } for vuln in result["vulnerabilities"]
                    ])
                    
            except Exception as e:
                assessment_results["module_results"][module_name] = {
                    "error": f"Assessment failed: {str(e)}"
                }
        
        # Generate vulnerability summary
        assessment_results["vulnerability_summary"] = self._generate_vulnerability_summary()
        
        # Generate risk assessment
        assessment_results["risk_assessment"] = self._generate_risk_assessment()
        
        # Generate remediation plan
        assessment_results["remediation_plan"] = self._generate_remediation_plan()
        
        # Add completion metadata
        assessment_results["assessment_metadata"]["end_time"] = datetime.datetime.now().isoformat()
        assessment_results["assessment_metadata"]["duration_seconds"] = (
            datetime.datetime.fromisoformat(assessment_results["assessment_metadata"]["end_time"]) -
            datetime.datetime.fromisoformat(assessment_results["assessment_metadata"]["start_time"])
        ).total_seconds()
        
        return assessment_results
    
    def _run_authentication_assessment(self, module, config: Dict) -> Dict:
        """Run authentication security assessment"""
        # Test password policies
        password_config = config.get("password_policies", {
            "min_length": 6,
            "require_uppercase": False,
            "require_special_chars": False
        })
        password_results = module.test_password_policies(password_config)
        
        # Test brute force protection
        brute_force_config = config.get("brute_force_protection", {
            "max_login_attempts": 15,
            "lockout_duration": 180
        })
        brute_force_results = module.test_brute_force_protection(brute_force_config)
        
        # Test authentication bypass
        auth_bypass_config = config.get("authentication_bypass", {
            "input_validation": {"sanitize_sql_inputs": False},
            "default_credentials_changed": False
        })
        bypass_results = module.test_authentication_bypass(auth_bypass_config)
        
        # Collect vulnerabilities
        vulnerabilities = []
        if password_results["weak_passwords_found"] > 0:
            vulnerabilities.append({
                "type": "weak_password_policy",
                "severity": "medium",
                "description": f"Found {password_results['weak_passwords_found']} weak passwords that pass validation"
            })
        
        if len(brute_force_results["vulnerabilities"]) > 0:
            vulnerabilities.append({
                "type": "brute_force_vulnerability",
                "severity": "high",
                "description": "Insufficient brute force protection"
            })
        
        if len(bypass_results["vulnerabilities_found"]) > 0:
            vulnerabilities.append({
                "type": "authentication_bypass",
                "severity": "critical",
                "description": "Authentication bypass techniques successful"
            })
        
        module.vulnerabilities = vulnerabilities
        module.test_results = {
            "password_policies": password_results,
            "brute_force_protection": brute_force_results,
            "authentication_bypass": bypass_results
        }
        
        return module.generate_assessment_report()
    
    def _run_authorization_assessment(self, module, config: Dict) -> Dict:
        """Run authorization control assessment"""
        # Test RBAC
        rbac_config = config.get("rbac", {
            "role_permissions": {
                "admin": ["read", "write", "delete", "manage_users", "system_config"],
                "moderator": ["read", "write", "moderate_content", "manage_users"],  # Over-privileged
                "user": ["read", "write_own"],
                "guest": ["read"]
            }
        })
        rbac_results = module.test_role_based_access_control(rbac_config)
        
        # Test horizontal privilege escalation
        horizontal_config = config.get("horizontal_privilege", {
            "validate_user_ownership": False,
            "strict_profile_access": False
        })
        horizontal_results = module.test_horizontal_privilege_escalation(horizontal_config)
        
        # Test vertical privilege escalation
        vertical_config = config.get("vertical_privilege", {
            "authorization_bypass_enabled": True,
            "role_permissions": rbac_config["role_permissions"]
        })
        vertical_results = module.test_vertical_privilege_escalation(vertical_config)
        
        # Test IDOR
        idor_config = config.get("idor", {
            "object_ownership_validation": False,
            "allow_path_traversal": True
        })
        idor_results = module.test_insecure_direct_object_references(idor_config)
        
        # Collect vulnerabilities
        vulnerabilities = []
        if len(rbac_results["privilege_escalation_vectors"]) > 0:
            for vector in rbac_results["privilege_escalation_vectors"]:
                vulnerabilities.append({
                    "type": "privilege_escalation",
                    "severity": vector.get("risk", "medium"),
                    "description": f"Role {vector['role']} has excessive permissions: {vector['extra_permissions']}"
                })
        
        if len(horizontal_results["vulnerabilities"]) > 0:
            vulnerabilities.extend(horizontal_results["vulnerabilities"])
        
        if len(vertical_results["vulnerabilities"]) > 0:
            vulnerabilities.extend(vertical_results["vulnerabilities"])
        
        if len(idor_results["idor_vulnerabilities"]) > 0:
            vulnerabilities.extend(idor_results["idor_vulnerabilities"])
        
        module.vulnerabilities = vulnerabilities
        module.test_results = {
            "rbac_testing": rbac_results,
            "horizontal_privilege_escalation": horizontal_results,
            "vertical_privilege_escalation": vertical_results,
            "idor_testing": idor_results
        }
        
        return module.generate_authorization_report()
    
    def _run_session_assessment(self, module, config: Dict) -> Dict:
        """Run session management assessment"""
        # Test token generation
        token_config = config.get("token_generation", {
            "token_length": 8,
            "token_source": "sequential",
            "use_crypto_random": False
        })
        token_results = module.test_session_token_generation(token_config)
        
        # Test session hijacking
        hijack_config = config.get("session_hijacking", {
            "allow_external_session": True,
            "regenerate_on_login": False,
            "use_https": False,
            "secure_cookie": False,
            "http_only_cookie": False
        })
        hijack_results = module.test_session_hijacking_vulnerabilities(hijack_config)
        
        # Test session timeout
        timeout_config = config.get("session_timeout", {
            "idle_timeout": 0,
            "absolute_timeout": 0,
            "remember_me_timeout": 7776000
        })
        timeout_results = module.test_session_timeout_configuration(timeout_config)
        
        # Test session storage
        storage_config = config.get("session_storage", {
            "storage_type": "file",
            "encrypt_session_data": False,
            "secure_file_permissions": False,
            "world_readable": True
        })
        storage_results = module.test_session_storage_security(storage_config)
        
        # Collect vulnerabilities
        vulnerabilities = []
        vulnerabilities.extend(token_results["vulnerabilities"])
        vulnerabilities.extend(hijack_results["session_hijacking_vectors"])
        vulnerabilities.extend(timeout_results["timeout_vulnerabilities"])
        vulnerabilities.extend(storage_results["storage_vulnerabilities"])
        
        module.vulnerabilities = vulnerabilities
        module.test_results = {
            "token_generation": token_results,
            "session_hijacking": hijack_results,
            "session_timeout": timeout_results,
            "session_storage": storage_results
        }
        
        return module.generate_session_management_report()
    
    def _run_input_validation_assessment(self, module, config: Dict) -> Dict:
        """Run input validation assessment"""
        # Test XSS
        xss_config = config.get("xss", {
            "filter_rules": ["<script>"],
            "sanitize_html": False,
            "strip_tags": False,
            "xss_protection": False,
            "case_sensitive_validation": True
        })
        xss_results = module.test_xss_vulnerabilities(xss_config)
        
        # Test SQL injection
        sql_config = config.get("sql_injection", {
            "parameterized_queries": False,
            "sql_input_validation": False,
            "prevent_db_enumeration": False
        })
        sql_results = module.test_sql_injection_vulnerabilities(sql_config)
        
        # Test command injection
        cmd_config = config.get("command_injection", {
            "command_input_validation": False,
            "shell_escape": False
        })
        cmd_results = module.test_command_injection_vulnerabilities(cmd_config)
        
        # Test validation bypass
        bypass_config = config.get("validation_bypass", {
            "decode_input": False,
            "case_sensitive_validation": True,
            "truncate_input": True
        })
        bypass_results = module.test_input_validation_bypasses(bypass_config)
        
        # Collect vulnerabilities
        vulnerabilities = []
        if len(xss_results["vulnerable_endpoints"]) > 0:
            for vuln in xss_results["vulnerable_endpoints"]:
                vulnerabilities.append({
                    "type": "xss",
                    "severity": vuln["severity"],
                    "description": f"XSS in {vuln['endpoint']} parameter {vuln['parameter']}"
                })
        
        if len(sql_results["vulnerable_queries"]) > 0:
            for vuln in sql_results["vulnerable_queries"]:
                vulnerabilities.append({
                    "type": "sql_injection",
                    "severity": vuln["severity"],
                    "description": f"SQL injection in {vuln['context']}: {vuln['injection_type']}"
                })
        
        if len(cmd_results["vulnerable_commands"]) > 0:
            for vuln in cmd_results["vulnerable_commands"]:
                vulnerabilities.append({
                    "type": "command_injection",
                    "severity": vuln["severity"],
                    "description": f"Command injection in {vuln['context']}: {vuln['system_impact']}"
                })
        
        if len(bypass_results["bypass_techniques"]) > 0:
            for vuln in bypass_results["bypass_techniques"]:
                vulnerabilities.append({
                    "type": "validation_bypass",
                    "severity": vuln["severity"],
                    "description": f"Validation bypass in {vuln['input_type']}: {vuln['bypass_type']}"
                })
        
        module.vulnerabilities = vulnerabilities
        module.test_results = {
            "xss_testing": xss_results,
            "sql_injection_testing": sql_results,
            "command_injection_testing": cmd_results,
            "validation_bypass_testing": bypass_results
        }
        
        return module.generate_input_validation_report()
    
    def _generate_vulnerability_summary(self) -> Dict:
        """Generate comprehensive vulnerability summary"""
        summary = {
            "total_vulnerabilities": len(self.overall_vulnerabilities),
            "by_severity": {
                "critical": 0,
                "high": 0,
                "medium": 0,
                "low": 0
            },
            "by_module": {},
            "by_type": {},
            "top_critical_vulnerabilities": []
        }
        
        # Count by severity
        for vuln in self.overall_vulnerabilities:
            severity = vuln.get("severity", "low")
            summary["by_severity"][severity] += 1
        
        # Count by module
        for vuln in self.overall_vulnerabilities:
            module = vuln.get("module", "unknown")
            summary["by_module"][module] = summary["by_module"].get(module, 0) + 1
        
        # Count by type
        for vuln in self.overall_vulnerabilities:
            vuln_type = vuln.get("type", "unknown")
            summary["by_type"][vuln_type] = summary["by_type"].get(vuln_type, 0) + 1
        
        # Get top critical vulnerabilities
        critical_vulns = [v for v in self.overall_vulnerabilities if v.get("severity") == "critical"]
        summary["top_critical_vulnerabilities"] = critical_vulns[:10]  # Top 10
        
        return summary
    
    def _generate_risk_assessment(self) -> Dict:
        """Generate overall risk assessment"""
        summary = self._generate_vulnerability_summary()
        critical_count = summary["by_severity"]["critical"]
        high_count = summary["by_severity"]["high"]
        total_count = summary["total_vulnerabilities"]
        
        # Calculate overall risk level
        if critical_count > 0:
            risk_level = "critical"
            risk_score = 90 + min(critical_count * 2, 10)
        elif high_count > 3:
            risk_level = "high"
            risk_score = 70 + min(high_count * 3, 20)
        elif high_count > 0:
            risk_level = "high"
            risk_score = 60 + min(high_count * 5, 20)
        elif total_count > 5:
            risk_level = "medium"
            risk_score = 40 + min(total_count * 2, 20)
        elif total_count > 0:
            risk_level = "medium"
            risk_score = 20 + min(total_count * 3, 20)
        else:
            risk_level = "low"
            risk_score = 10
        
        # Calculate security score (inverse of risk)
        security_score = max(0, 100 - risk_score)
        
        return {
            "overall_risk_level": risk_level,
            "risk_score": risk_score,
            "security_score": security_score,
            "immediate_attention_required": critical_count > 0 or high_count > 5,
            "assessment_confidence": "high" if total_count > 0 else "medium",
            "risk_factors": {
                "critical_vulnerabilities": critical_count,
                "high_vulnerabilities": high_count,
                "total_vulnerabilities": total_count,
                "affected_modules": len(summary["by_module"])
            }
        }
    
    def _generate_remediation_plan(self) -> Dict:
        """Generate prioritized remediation plan"""
        summary = self._generate_vulnerability_summary()
        
        # Prioritize by severity and impact
        prioritized_vulns = sorted(
            self.overall_vulnerabilities,
            key=lambda x: (
                {"critical": 4, "high": 3, "medium": 2, "low": 1}.get(x.get("severity", "low"), 1),
                x.get("module", "")
            ),
            reverse=True
        )
        
        # Group remediation steps by category
        remediation_steps = {
            "immediate_actions": [],
            "short_term_actions": [],
            "long_term_improvements": [],
            "best_practices": []
        }
        
        # Immediate actions (critical and high severity)
        for vuln in prioritized_vulns:
            severity = vuln.get("severity", "low")
            vuln_type = vuln.get("type", "")
            module = vuln.get("module", "")
            
            action = {
                "vulnerability": vuln.get("description", ""),
                "severity": severity,
                "module": module,
                "recommendation": self._get_vulnerability_recommendation(vuln_type, module),
                "estimated_effort": self._estimate_effort(vuln_type, severity)
            }
            
            if severity in ["critical", "high"]:
                remediation_steps["immediate_actions"].append(action)
            elif severity == "medium":
                remediation_steps["short_term_actions"].append(action)
            else:
                remediation_steps["long_term_improvements"].append(action)
        
        # Add best practices
        remediation_steps["best_practices"] = [
            "Implement regular security assessments and penetration testing",
            "Establish secure coding practices and code review processes",
            "Use Web Application Firewall (WAF) for additional protection",
            "Implement Security Information and Event Management (SIEM)",
            "Regular security training for development team",
            "Keep all dependencies and frameworks updated"
        ]
        
        return {
            "prioritized_steps": remediation_steps,
            "timeline_recommendations": {
                "critical_fixes": "1-7 days",
                "high_priority": "1-4 weeks",
                "medium_priority": "1-3 months",
                "low_priority": "3-6 months",
                "best_practices": "ongoing"
            },
            "resource_requirements": self._estimate_resources(prioritized_vulns),
            "success_metrics": self._define_success_metrics()
        }
    
    def _get_vulnerability_recommendation(self, vuln_type: str, module: str) -> str:
        """Get specific recommendation for vulnerability type"""
        recommendations = {
            "authentication_bypass": "Implement proper input validation and remove default credentials",
            "weak_password_policy": "Strengthen password requirements and implement multi-factor authentication",
            "brute_force_vulnerability": "Implement rate limiting and account lockout mechanisms",
            "privilege_escalation": "Review and implement proper role-based access controls",
            "session_fixation": "Regenerate session IDs on authentication and privilege changes",
            "xss": "Implement input validation, output encoding, and Content Security Policy",
            "sql_injection": "Use parameterized queries and input validation for all database operations",
            "command_injection": "Avoid system calls with user input or implement strict validation",
            "validation_bypass": "Implement defense-in-depth validation with proper encoding handling"
        }
        
        return recommendations.get(vuln_type, "Review and implement appropriate security controls")
    
    def _estimate_effort(self, vuln_type: str, severity: str) -> str:
        """Estimate remediation effort"""
        effort_matrix = {
            "critical": {
                "authentication_bypass": "High",
                "sql_injection": "High", 
                "command_injection": "High",
                "default": "High"
            },
            "high": {
                "privilege_escalation": "Medium",
                "xss": "Medium",
                "session_fixation": "Medium",
                "default": "Medium"
            },
            "medium": {
                "weak_password_policy": "Low",
                "brute_force_vulnerability": "Low",
                "validation_bypass": "Medium",
                "default": "Low"
            },
            "low": {
                "default": "Low"
            }
        }
        
        return effort_matrix.get(severity, {}).get(vuln_type, "Medium")
    
    def _estimate_resources(self, vulnerabilities: List[Dict]) -> Dict:
        """Estimate resource requirements for remediation"""
        critical_count = len([v for v in vulnerabilities if v.get("severity") == "critical"])
        high_count = len([v for v in vulnerabilities if v.get("severity") == "high"])
        medium_count = len([v for v in vulnerabilities if v.get("severity") == "medium"])
        
        return {
            "development_team_size": {
                "critical": "2-3 developers",
                "high": "1-2 developers", 
                "medium": "1 developer"
            },
            "estimated_hours": {
                "critical": critical_count * 40,
                "high": high_count * 20,
                "medium": medium_count * 8
            },
            "skills_required": [
                "Secure coding practices",
                "Web application security",
                "Database security",
                "System security",
                "Authentication and authorization"
            ],
            "tools_needed": [
                "Static analysis security testing (SAST)",
                "Dynamic application security testing (DAST)",
                "Web Application Firewall (WAF)",
                "Security logging and monitoring"
            ]
        }
    
    def _define_success_metrics(self) -> List[str]:
        """Define success metrics for remediation"""
        return [
            "Zero critical vulnerabilities remaining",
            "90%+ reduction in high-severity vulnerabilities",
            "Security score improvement of 50+ points",
            "Successful penetration test with no critical findings",
            "Compliance with security standards and best practices",
            "Implementation of automated security testing in CI/CD pipeline"
        ]
    
    def generate_executive_summary(self, assessment_results: Dict) -> Dict:
        """Generate executive summary for stakeholders"""
        risk_assessment = assessment_results.get("risk_assessment", {})
        vuln_summary = assessment_results.get("vulnerability_summary", {})
        
        return {
            "overall_security_posture": risk_assessment.get("overall_risk_level", "unknown"),
            "security_score": risk_assessment.get("security_score", 0),
            "key_findings": {
                "total_issues": vuln_summary.get("total_vulnerabilities", 0),
                "critical_issues": vuln_summary.get("by_severity", {}).get("critical", 0),
                "high_priority_issues": vuln_summary.get("by_severity", {}).get("high", 0),
                "affected_areas": list(vuln_summary.get("by_module", {}).keys())
            },
            "business_impact": {
                "data_breach_risk": "High" if vuln_summary.get("by_severity", {}).get("critical", 0) > 0 else "Medium",
                "compliance_risk": "High" if vuln_summary.get("total_vulnerabilities", 0) > 10 else "Medium",
                "reputation_risk": "Medium" if vuln_summary.get("total_vulnerabilities", 0) > 5 else "Low"
            },
            "immediate_actions_needed": len([
                v for v in self.overall_vulnerabilities 
                if v.get("severity") in ["critical", "high"]
            ]),
            "recommended_timeline": self._get_executive_timeline(risk_assessment.get("overall_risk_level", "medium")),
            "budget_considerations": self._get_budget_impact(risk_assessment.get("overall_risk_level", "medium"))
        }
    
    def _get_executive_timeline(self, risk_level: str) -> str:
        """Get executive-friendly timeline"""
        timelines = {
            "critical": "Immediate action required - 1-2 weeks",
            "high": "Urgent - 1 month",
            "medium": "Planned - 3 months",
            "low": "Routine - 6 months"
        }
        return timelines.get(risk_level, "Planned - 3 months")
    
    def _get_budget_impact(self, risk_level: str) -> str:
        """Get budget impact assessment"""
        impacts = {
            "critical": "High - Additional security budget needed immediately",
            "high": "Medium-High - Reallocate resources for urgent fixes",
            "medium": "Medium - Include in next planning cycle",
            "low": "Low - Routine maintenance budget"
        }
        return impacts.get(risk_level, "Medium - Include in next planning cycle")

def main():
    """Main function to run comprehensive security assessment"""
    print("🔒 Comprehensive Security Assessment")
    print("=" * 50)
    
    # Initialize assessment coordinator
    coordinator = ComprehensiveSecurityAssessment()
    coordinator.load_assessment_modules()
    
    # Define test configuration (vulnerable for demonstration)
    test_config = {
        "authentication": {
            "password_policies": {
                "min_length": 6,
                "require_uppercase": False,
                "require_special_chars": False
            },
            "brute_force_protection": {
                "max_login_attempts": 15,
                "lockout_duration": 180
            },
            "authentication_bypass": {
                "input_validation": {"sanitize_sql_inputs": False},
                "default_credentials_changed": False
            }
        },
        "authorization": {
            "rbac": {
                "role_permissions": {
                    "admin": ["read", "write", "delete", "manage_users", "system_config"],
                    "moderator": ["read", "write", "moderate_content", "manage_users"],
                    "user": ["read", "write_own"],
                    "guest": ["read"]
                }
            },
            "horizontal_privilege": {
                "validate_user_ownership": False,
                "strict_profile_access": False
            },
            "vertical_privilege": {
                "authorization_bypass_enabled": True,
                "role_permissions": {
                    "user": ["read"],
                    "moderator": ["read", "write"],
                    "admin": ["read", "write", "delete", "manage_users"]
                }
            },
            "idor": {
                "object_ownership_validation": False,
                "allow_path_traversal": True
            }
        },
        "session_management": {
            "token_generation": {
                "token_length": 8,
                "token_source": "sequential",
                "use_crypto_random": False
            },
            "session_hijacking": {
                "allow_external_session": True,
                "regenerate_on_login": False,
                "use_https": False,
                "secure_cookie": False,
                "http_only_cookie": False
            },
            "session_timeout": {
                "idle_timeout": 0,
                "absolute_timeout": 0,
                "remember_me_timeout": 7776000
            },
            "session_storage": {
                "storage_type": "file",
                "encrypt_session_data": False,
                "secure_file_permissions": False,
                "world_readable": True
            }
        },
        "input_validation": {
            "xss": {
                "filter_rules": ["<script>"],
                "sanitize_html": False,
                "strip_tags": False,
                "xss_protection": False,
                "case_sensitive_validation": True
            },
            "sql_injection": {
                "parameterized_queries": False,
                "sql_input_validation": False,
                "prevent_db_enumeration": False
            },
            "command_injection": {
                "command_input_validation": False,
                "shell_escape": False
            },
            "validation_bypass": {
                "decode_input": False,
                "case_sensitive_validation": True,
                "truncate_input": True
            }
        }
    }
    
    # Run comprehensive assessment
    print("Running comprehensive security assessment...")
    assessment_results = coordinator.run_comprehensive_assessment(test_config)
    
    # Generate executive summary
    executive_summary = coordinator.generate_executive_summary(assessment_results)
    
    # Display results
    print("\n📊 EXECUTIVE SUMMARY")
    print("-" * 30)
    print(f"Overall Security Posture: {executive_summary['overall_security_posture']}")
    print(f"Security Score: {executive_summary['security_score']}/100")
    print(f"Total Issues Found: {executive_summary['key_findings']['total_issues']}")
    print(f"Critical Issues: {executive_summary['key_findings']['critical_issues']}")
    print(f"High Priority Issues: {executive_summary['key_findings']['high_priority_issues']}")
    print(f"Areas Affected: {', '.join(executive_summary['key_findings']['affected_areas'])}")
    print(f"Immediate Actions Needed: {executive_summary['immediate_actions_needed']}")
    print(f"Recommended Timeline: {executive_summary['recommended_timeline']}")
    print(f"Budget Impact: {executive_summary['budget_considerations']}")
    
    # Save comprehensive report
    report_filename = f"comprehensive_security_report_{datetime.datetime.now().strftime('%Y%m%d_%H%M%S')}.json"
    
    full_report = {
        "executive_summary": executive_summary,
        "detailed_assessment": assessment_results
    }
    
    with open(report_filename, 'w') as f:
        json.dump(full_report, f, indent=2)
    
    print(f"\n📄 Detailed report saved to: {report_filename}")
    
    # Display critical vulnerabilities
    critical_vulns = [
        v for v in coordinator.overall_vulnerabilities 
        if v.get("severity") == "critical"
    ]
    
    if critical_vulns:
        print(f"\n🚨 CRITICAL VULNERABILITIES ({len(critical_vulns)})")
        print("-" * 40)
        for i, vuln in enumerate(critical_vulns[:5], 1):  # Show top 5
            print(f"{i}. [{vuln.get('module', 'Unknown')}] {vuln.get('description', 'No description')}")
    
    # Display next steps
    remediation = assessment_results.get("remediation_plan", {})
    immediate_actions = remediation.get("prioritized_steps", {}).get("immediate_actions", [])
    
    if immediate_actions:
        print(f"\n⚡ IMMEDIATE ACTIONS ({len(immediate_actions)})")
        print("-" * 30)
        for i, action in enumerate(immediate_actions[:3], 1):  # Show top 3
            print(f"{i}. {action.get('recommendation', 'No recommendation')}")
            print(f"   Effort: {action.get('estimated_effort', 'Unknown')}")
    
    print(f"\n✅ Assessment completed successfully!")
    print(f"📈 Security score improvement potential: +{100 - executive_summary['security_score']} points")
    
    return full_report

if __name__ == "__main__":
    # Run comprehensive security assessment
    report = main()