💻 Isitsecure has been released — an open-source tool for comprehensive web application security scanning.
It combines SAST, DAST, and LLM-based code auditing into a single workflow. A unique feature is that SAST findings automatically generate targeted DAST tests to confirm vulnerabilities.
🌍 The tool addresses the problem of "vibe coding," where AI-generated code may be insecure. It creates a closed loop between code analysis and application testing, lowering the barrier to entry for DevSecOps.
👤 For developers using AI assistants, it is now easier to check their applications for critical flaws (XSS, SQLi, IDOR) with a single command.
Source 1: https://github.com/jaurakunal/isitsecure
