Inspiration
Autonomous AI coding agents introduced a new attack surface: vulnerabilities in source code and supply chains. We asked — who secures the AI that writes your code? Bastion AI was born to answer that.
What it does
Bastion AI is an agentic DevSecOps platform that scans source code for vulnerabilities and automatically fixes them using Nova AI. Multiple specialized agents work together, each responsible for its own part of the security pipeline.
How we built it
React, TypeScript and Vite on the frontend. The backend uses a multi-agent pipeline powered by Amazon Bedrock (Nova 2 Lite), CycloneDX for SBOM generation, and a custom DAG engine for real-time dependency graph analysis.
Challenges we ran into
Coordinating multiple agents to collaboratively analyze and fix vulnerabilities in real time was the hardest problem we solved.
Accomplishments that we're proud of
Building a fully agentic security pipeline that finds and fixes vulnerabilities in real time — and shipping it in one hackathon.
What we learned
How to build reliable multi-agent systems that collaborate effectively to solve complex security challenges.
What's next for Bastion AI
CI/CD pipeline integration and real-time agent monitoring for enterprise development environments.
Built With
- amazon-bedrock
- amazon-nova-2-lite
- aws-amplify
- cyclonedx
- dag-engine
- react
- sbom
- typescript
- vite
Log in or sign up for Devpost to join the conversation.