Inspiration
We live in a world where almost everything is digital. People trust applications with their medical records, identification, finances, and private conversations. At the same time, software is being built faster than ever, often “vibe coded” with AI assistance and minimal manual review. As development accelerates, users are placing sensitive information into systems that may not have been thoroughly tested for security or resilience.
What it does
To address this, we created Haven, an AI-powered security scanning platform designed to evaluate applications in a controlled, isolated environment. Haven acts as an automated security reviewer. It doesn’t just scan code statically; it interacts with a live version of the application, probes its behavior, and attempts to uncover vulnerabilities the way a real attacker might.
Haven equips its AI agent with structured tools that allow it to safely interact with the application, testing endpoints, attempting to access protected data, and identifying weaknesses. In addition to security testing, we developed a scalability tool that evaluates how well an application performs under increased load. This tool simulates scaling conditions and integrates performance findings directly into the final report, giving developers insight into both security risks and system reliability.
How we built it
We intentionally made Haven simple to use. Instead of requiring complicated setup, users provide a public GitHub repository URL. Haven automatically builds the application into a Docker container, deploys it in a sandboxed environment, and runs its scanning engine against it. This mirrors the speed and accessibility of modern development while adding a layer of accountability and testing.
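The intake step described above takes a user-supplied URL and turns it into clone, build and run commands, so the URL has to be validated before it reaches a command line and the container has to start with tight limits. The sketch below is an added example, not Haven's own code: the function names, the image tag prefix, the work directory, the resource limits and the application port are all assumptions.

```python
import hashlib
import re

# Accept only https://github.com/<owner>/<repo>[.git][/]: no userinfo, port,
# query, fragment or whitespace. The owner/repo character sets are an
# assumption about what GitHub allows, chosen to be strict.
_REPO_RE = re.compile(
    r"https://github\.com/([A-Za-z0-9][A-Za-z0-9-]{0,38})/([A-Za-z0-9._-]{1,100}?)(?:\.git)?/?"
)


def parse_repo_url(url: str) -> tuple[str, str]:
    """Return (owner, repo), or raise ValueError for anything else."""
    m = _REPO_RE.fullmatch(url)
    if m is None or m.group(2) in (".", ".."):
        raise ValueError(f"not a public GitHub repository URL: {url!r}")
    return m.group(1), m.group(2)


def sandbox_commands(url: str, app_port: int = 8000, workdir: str = "/tmp/haven-src"):
    """Build argv lists (never shell strings) for clone, build and run."""
    owner, repo = parse_repo_url(url)
    # Rebuild the URL from validated parts instead of passing user text through.
    canonical = f"https://github.com/{owner}/{repo}.git"
    # Hypothetical tag scheme: lowercase and derived from a hash, so it is
    # always a valid image name and unique per repository.
    tag = "scan-target-" + hashlib.sha256(canonical.encode()).hexdigest()[:12]
    # "--" ends option parsing, so the URL can never be read as a git flag.
    clone = ["git", "clone", "--depth", "1", "--", canonical, workdir]
    build = ["docker", "build", "--tag", tag, workdir]
    run = [
        "docker", "run", "--rm", "--detach", "--name", tag,
        "--read-only", "--tmpfs", "/tmp",            # immutable root filesystem
        "--cap-drop", "ALL",                         # no Linux capabilities
        "--security-opt", "no-new-privileges",       # setuid binaries gain nothing
        "--memory", "512m", "--cpus", "1", "--pids-limit", "256",  # compute limits
        # Loopback only, host port chosen by Docker: avoids port conflicts
        # between concurrent scans and keeps the target off external interfaces.
        "--publish", f"127.0.0.1::{app_port}",
        tag,
    ]
    return clone, build, run
```

The port Docker assigned can be read back with `docker port <name>` before the scanner connects. The build step still executes the repository's Dockerfile, so it needs the same resource limits and isolation as the run step.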
Challenges we ran into
We also faced challenges with container networking and port conflicts, managing compute limits while testing our scaling agent, and handling the probabilistic nature of large language models to ensure consistent results.
Accomplishments that we're proud of
We intentionally made Haven simple to use. Instead of requiring complicated setup, users provide a public GitHub repository URL. Haven automatically builds the application into a Docker container, deploys it in a sandboxed environment, and runs its scanning engine against it.
In addition to security testing, we developed a scalability tool that evaluates how well an application performs under increased load. This tool simulates scaling conditions and integrates performance findings directly into the final report, giving developers insight into both security risks and system reliability.
What we learned
Throughout development, we learned that building secure systems is as much about architecture as it is about code. Working with Docker containers taught us how isolation improves safety and predictability. Overcoming these challenges strengthened both our technical skills and our understanding of responsible system design.
What's next for Haven
We intend to continue building Haven and create more rigorous pen-testing tools for it, securing the data of everyone who uses software.
Built With
- fastapi
- javascript
- python