💻 Isitsecure has been released — an open-source tool for comprehensive web application security scanning.

It combines SAST, DAST, and LLM-based code auditing into a single workflow. A unique feature is that SAST findings automatically generate targeted DAST tests to confirm vulnerabilities.

🌍 The tool addresses the problem of "vibe coding," where AI-generated code may be insecure. It creates a closed loop between code analysis and application testing, lowering the barrier to entry for DevSecOps.

👤 For developers using AI assistants, it is now easier to check their applications for critical flaws (XSS, SQLi, IDOR) with a single command.

Source 1: https://github.com/jaurakunal/isitsecure