Inspiration
Startups move fast — security doesn't always keep up. While building our own projects, we kept making rookie mistakes: exposing API keys, running outdated libraries, forgetting basic protections. Most founders aren't security experts, and we weren't either. So we built a tool that protects startups from day one — no complexity, no fear.
What it does
Startup Surakshate scans your GitHub repo or live website, spots vulnerabilities, and uses AI to explain what's wrong in plain English — plus how to fix it. Features include:
• Simple, secure authentication via Supabase
• AI-powered vulnerability explanations
• Code & website security scanning
• Severity-based dashboard
• Downloadable PDF security reports
• Demo Mode — try it instantly, no setup required
How we built it
Backend: FastAPI (Python)
Database + Auth: Supabase
Frontend: Tailwind CSS + JavaScript
AI: GPT-4o-mini for summaries
Scanners: Custom analyzers + Snyk API
Reports: pdfkit + wkhtmltopdf
Hosting: Vercel (frontend) + Render (backend)
Challenges
• Getting accurate scans without overwhelming users with noise
• Making AI explanations simple but technically sound
• Validating user input securely to prevent abuse
• Managing API keys safely during deployment
• Making PDF reports render consistently everywhere
What we're proud of
• Onboarding in under 60 seconds
• Demo Mode lets anyone test it immediately
• Vulnerability explanations that actually make sense — no jargon dumps
• A dashboard that feels clean and approachable
• Proving security doesn't have to be intimidating
What we learned
Security isn't just about catching bugs — it's about helping people understand and act on them. Good UX matters even more in security tools. Founders don't want deep technical dives; they want clear fixes they can implement today. Building responsibly means thinking about safety from line one.
What's next
• Auto-generate pull requests that fix detected issues
• GitHub App for scheduled weekly scans
• Slack/Discord notifications for new threats
• Support for Dockerfiles & CI/CD pipelines
• Affordable security plans built for early-stage startups
Built With
- api
- css
- fastapi
- javascript
- openai
- pdfkit
- python
- snyk
- supabase
- tailwind
- vercel

