fmerian

deepsec - Open-source coding security harness

Vercel is open sourcing deepsec, an AI security harness that runs on your infrastructure, with your keys, against your code.

Christian Knaut

Running security tooling on your own infra is the right call for anything touching production code. Quick question: does deepsec scan at commit time, CI time, or both? I'm curious how it handles cases where the same code has different risk profiles in different environments.

Ihor Perkovskyi

Congrats on the launch! I like that it runs on your own infra.

Is deepsec mostly for CI/PR checks, or also local dev use?

Curious how you’re handling false positives, that’s usually the hard part with security tools.

Robert Douglass

@ihorperkovskyi this is my question, too.

Andrew Kwak

What's the approach deepsec uses for tracking and mitigating vulnerabilities in real-time? I've seen similar tools struggle with false positives, which can slow down the development process significantly. Curious if there's something novel here that addresses that issue.

Elian Bazan

Hosting yieldos on Vercel. Underrated feature nobody talks about: per-PR preview deployments. I catch a ton of mistakes before they hit prod just by clicking the preview link.