πŸ›‘οΈ Piaegis: Next-Gen LLM-Powered Security Suite

Demos: https://drive.google.com/drive/folders/10L25hW8l-mf8dQJhoX6kWxi8Mj7X0hvY?usp=drive_link

✨ Inspiration

Security vulnerabilities are a constant headache for dev teams. We've all been there:

  • 🌙 Late nights patching critical flaws before release
  • 😰 Stress investigating potential breaches
  • 🤔 The feeling we should be doing more for security

Traditional SAST and DAST tools flood us with alerts (many false positives) and lack context-aware remediation advice.

Enter Piaegis: it uses LLMs to identify vulnerabilities more accurately and to provide intelligent, actionable guidance, less like an auditor and more like a helpful security expert at your side.

πŸ” What It Does

Piaegis integrates seamlessly into your development lifecycle, focusing on SANS Top 25 Most Dangerous Software Errors, OWASP Top 10, business logic flaws, and emerging threats.

Core Components:

πŸ›‘οΈ Piaegis Shield (SAST)

  • LLM-powered static code analysis for .NET, Java, and more
  • Understands semantic context beyond pattern matching
  • Identifies complex vulnerabilities with greater accuracy
  • Provides tailored remediation suggestions

βš”οΈ Piaegis Sword (DAST)

  • Integrates with OWASP ZAP for dynamic testing
  • Filters noise from raw reports
  • Presents findings in clear, actionable format
  • Provides insights on vulnerability implications
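As an added illustration of the noise-filtering step Sword performs on raw ZAP output (example code written for this page, not code from the Piaegis project), the script below collapses a ZAP JSON report into one finding per plugin, drops alerts under a risk/confidence floor, de-duplicates instances that hit the same method, URI and parameter, and renders the survivors highest-risk first. The report layout it parses (site -> alerts -> instances, with riskcode and confidence as string digits 0-3) is my assumption about ZAP's traditional JSON report, and the sample report is constructed, not captured from a scan.

```python
import json

# ZAP encodes risk 0-3 (Informational..High) and confidence 0-3
# (False Positive/Low..High) as strings in its JSON report (assumption).
RISK_NAMES = {0: "Informational", 1: "Low", 2: "Medium", 3: "High"}
CONF_NAMES = {0: "False Positive", 1: "Low", 2: "Medium", 3: "High"}

# Constructed sample in the shape of a ZAP JSON report: two sites, one of
# which repeats a weak-confidence alert that the other reports with high
# confidence, plus duplicate instances of the same injection point.
SAMPLE_REPORT = json.dumps({
    "site": [
        {"@name": "http://app.example.test", "alerts": [
            {"pluginid": "40018", "alert": "SQL Injection", "riskcode": "3",
             "confidence": "3", "cweid": "89", "instances": [
                 {"uri": "http://app.example.test/item?id=1", "method": "GET", "param": "id"},
                 {"uri": "http://app.example.test/item?id=1", "method": "GET", "param": "id"}]},
            {"pluginid": "10038", "alert": "Content Security Policy (CSP) Header Not Set",
             "riskcode": "2", "confidence": "1", "cweid": "693", "instances": [
                 {"uri": "http://app.example.test/", "method": "GET", "param": ""}]},
            {"pluginid": "10037", "alert": "Server Leaks Information via X-Powered-By",
             "riskcode": "1", "confidence": "2", "cweid": "200", "instances": [
                 {"uri": "http://app.example.test/", "method": "GET", "param": ""}]},
        ]},
        {"@name": "http://api.example.test", "alerts": [
            {"pluginid": "10038", "alert": "Content Security Policy (CSP) Header Not Set",
             "riskcode": "2", "confidence": "3", "cweid": "693", "instances": [
                 {"uri": "http://api.example.test/v1/", "method": "GET", "param": ""}]},
        ]},
    ]
})


def triage(report_json, min_risk=2, min_confidence=2):
    """Collapse a ZAP JSON report into one finding per plugin id.

    Alerts below the risk/confidence floor are dropped before merging, so a
    low-confidence copy of an alert never pollutes a high-confidence one, and
    instances sharing method + URI + parameter are counted once."""
    report = json.loads(report_json)
    findings = {}
    for site in report.get("site", []):
        for alert in site.get("alerts", []):
            risk = int(alert.get("riskcode", 0))
            conf = int(alert.get("confidence", 0))
            if risk < min_risk or conf < min_confidence:
                continue
            key = alert["pluginid"]
            f = findings.setdefault(key, {
                "plugin": key, "name": alert["alert"], "risk": risk,
                "confidence": conf, "cwe": alert.get("cweid", ""), "locations": set()})
            # Keep the strongest rating seen for this plugin across all sites.
            f["risk"] = max(f["risk"], risk)
            f["confidence"] = max(f["confidence"], conf)
            for inst in alert.get("instances", []):
                f["locations"].add((inst.get("method", ""), inst.get("uri", ""),
                                    inst.get("param", "")))
    # Highest risk first, then confidence, then breadth, so the top is actionable.
    ordered = sorted(findings.values(),
                     key=lambda f: (-f["risk"], -f["confidence"], -len(f["locations"])))
    for f in ordered:
        f["locations"] = sorted(f["locations"])
    return ordered


def render(findings):
    """Plain-text summary: one header line per finding, one line per location."""
    lines = []
    for f in findings:
        lines.append(f"[{RISK_NAMES[f['risk']]}/{CONF_NAMES[f['confidence']]}] "
                     f"{f['name']} (CWE-{f['cwe']}, {len(f['locations'])} location(s))")
        for method, uri, param in f["locations"]:
            lines.append(f"    {method} {uri}" + (f" param={param}" if param else ""))
    return "\n".join(lines)


if __name__ == "__main__":
    print(render(triage(SAMPLE_REPORT)))
```

With the default floor (Medium risk, Medium confidence) the sample yields two findings: the SQL injection with its two duplicate instances merged into one location, and the CSP alert carried only by the high-confidence site. Lowering both floors to 0 keeps all three plugins and merges the CSP alert's locations across both sites; feeding the kept findings to an LLM for remediation text is then a separate, cheaper step because the noise has already been removed.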

🏰 Piaegis Fortify (Interactive Security Debugger)

  • Conversational security analysis
  • Lets developers ask questions about vulnerabilities
  • Discusses security best practices
  • Offers context-aware remediation based on codebase history

🔧 How We Built It

  • Backend: Python
  • Frontend: Streamlit for user-friendly interfaces
  • LLM Integration: OpenAI, potentially Google Gemini and OpenRouter
  • DAST: OWASP ZAP API integration
  • Data Management: PostgreSQL, Neo4j, Redis + Celery
  • Containerization: Docker Compose
  • DevOps: Jenkins integration

🧗 Challenges We Faced

  • ✏️ Prompt Engineering: Balancing accuracy, minimizing false positives
  • 🧩 Diverse Codebases: Adapting to different project structures
  • 🔌 Tool Integration: Seamlessly working with ZAP and CI/CD systems
  • ⚡ Performance: Optimizing for large codebases
  • 🔄 Dependencies: Managing multiple services
  • ⚖️ Accuracy Balance: Reducing false positives without missing vulnerabilities
  • 💻 Platform-Specific Analysis: Tailoring for .NET, Java, Android, iOS

πŸ† Accomplishments

  • ✅ Functional core components (Shield, Sword, Fortify)
  • 🐳 Complete Docker environment
  • 🤖 Successful LLM and DAST tool integration
  • 👨‍💻 User-friendly Streamlit interfaces
  • 🎯 Focus on actionable insights
  • 🔍 Prioritized SANS Top 25 vulnerabilities

📚 What We Learned

  • LLM strengths and limitations in security context
  • Complexity of comprehensive security testing
  • Importance of seamless workflow integration
  • Benefits of microservices architecture
  • Value of containerization

🚀 What's Next

  • 🌐 Enhanced language support (.NET, Java, Android, iOS)
  • 🎯 Improved accuracy, fewer false positives
  • πŸ” Deeper DAST analysis
  • 🧠 Business logic vulnerability detection
  • πŸ”­ Emerging threat detection
  • πŸ”§ IDE and CI/CD integrations
  • πŸ“Š Enhanced reporting and remediation guidance
  • 🀝 Community engagement
  • πŸ“ˆ Graph-based security analysis
  • ⚑ Performance optimization
