deepsec

deepsec is an agent-powered security harness for finding vulnerabilities in large codebases. It is designed to run on the user’s own infrastructure, using coding agents to perform deep, project-aware security review rather than only basic pattern matching. The tool initializes a project-specific security context, scans code in batches, processes findings, and can optionally revalidate results to reduce false positives. For large repositories, it supports parallel work across worker machines and can resume interrupted scans without repeating completed work. It is aimed at serious security reviews where deeper model reasoning may be worth the higher compute and model cost. The project is especially relevant for teams that need to uncover long-standing vulnerabilities hidden inside complex application code.

Features

Agent-powered vulnerability scanning
Runs on user-controlled infrastructure
Project-specific security context setup
Parallel scanning for large repositories
Interrupted run resume behavior
Markdown findings export workflow

Project Samples

Project Activity

See All Activity >

License

Apache License V2.0

Follow deepsec

deepsec Web Site

Other Useful Business Software

Full-stack observability with actually useful AI | Grafana Cloud

Our generous forever free tier includes the full platform, including the AI Assistant, for 3 users with 10k metrics, 50GB logs, and 50GB traces.

Built on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.

Create free account

Rate This Project

User Reviews

Be the first to post a review of deepsec!

Additional Project Details

Programming Language

TypeScript

Related Categories

TypeScript Security Software

Registered

4 days ago

Similar Business Software

Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
ZeroPath

ZeroPath (YC S24) is an AI-native application security platform that delivers comprehensive code protection beyond traditional SAST. Founded by security engineers from Tesla and Google, ZeroPath combines large language models with advanced program analysis to find and automatically fix...

See Software
Google Cloud Platform

Google Cloud is a cloud-based service that allows you to create anything from simple websites to complex applications for businesses of all sizes. New customers get $300 in free credits to run, test, and deploy workloads. All customers can use 25+ products for free, up to monthly usage...

See Software
Proton VPN

Protect your business against damaging data breaches and easily comply with security frameworks like ISO 27001, GDPR, and HIPAA. Our software-only virtual private network easily integrates with your existing infrastructure to provide a flexible and scalable way to protect your...

See Software
groundcover

Cloud-based observability solution that helps businesses track and manage workload and performance on a unified dashboard. Monitor everything you run in your cloud without compromising on cost, granularity, or scale. groundcover is a full stack cloud-native APM platform designed to make...

See Software
Reflectiz

Reflectiz is a web exposure management platform that helps organizations identify, monitor, and mitigate security, privacy, and compliance risks across their online environments. It provides full visibility and control over first, third, and fourth-party components like scripts, trackers, and...

See Software