Quickstart
Meet Levin — one autonomous AI security engineer. You don't navigate dashboards; you just tell Levin what you want, and it does the work. Here's your first scan in under two minutes.
1. Connect GitHub
Click Try Levin and sign in. SecureOS requests access to your repositories so Levin can clone them for a scan — we never push code or open PRs on your behalf without your instruction.
2. Just ask Levin
Open Levin and type a plain command. Levin understands intent — a narrow command runs exactly that, a broad goal mobilizes the whole team.
scan my-repo
am I SOC2 ready?
write a privacy policy for my app
secure my-repo3. Levin plans & runs the work
Levin scopes the request as a CISO, delegates to the right department (AppSec, Red Team, IR, Threat-Intel, GRC), clones the repo, runs the real scanners, and triages every finding in the context of what your repo is — so false positives get filtered out before you ever see them. You watch it work, step by step, and can stop or steer it mid-task.
4. Review findings as cards
Results come back as severity cards (Critical / High / Medium / Low). Click a card to open the side panel, click a finding to expand the CVE/CWE, the vulnerable code, the fix, and why it matters for your repo. Documents (privacy policy, ToS) come back as downloadable artifacts; compliance comes back as a control matrix.
Departments
Levin works like a security company. The CISO (Levin) delegates to specialist departments, each commanding real scanners. You talk to one engineer; a whole team does the work behind it.
The core static analysis engine. Runs 50+ regex and AST-based patterns across Python, JavaScript, TypeScript, and IaC files. Detects injection, secrets, auth flaws, crypto misuse, BOLA/IDOR access control bugs, AI-specific vulnerabilities (prompt injection, slopsquatting), and infrastructure misconfigs.
Dependency vulnerability scanner. Checks your package.json, requirements.txt, and pyproject.toml against the OSV.dev CVE database. Flags outdated packages with known exploits and supply chain risks.
Pre-build threat modeler. Before you write a line of code, Scout maps your attack surface based on your tech stack and product description, surfacing the most likely attack vectors for your specific architecture.
AI attack simulator. Runs a 4-phase simulation (Recon → Initial Access → Exploitation → Impact) against your codebase and generates a risk score from 0–10 with full attack chain breakdown. Shows you exactly how an attacker would chain your vulnerabilities.
Cryptographic audit agent. Inspects all encryption, hashing, key management, and token generation in your codebase. Flags weak algorithms, static IVs, Math.random() for secrets, and JWT misconfigurations.
Pre-launch auditor (formerly Launcher). Runs a 50-point checklist 48 hours before go-live: secrets rotation, rate limiting, backup verification, HTTPS enforcement, monitoring setup, and dependency freshness.
Security educator powered by Gemini. For each finding, Oracle produces a concrete code fix, explains why the vulnerability exists, links the relevant CWE, and teaches you the underlying security concept — personalized to your specific mistakes.
Automated PR security review. When a pull request is opened, secureos-bot posts inline findings as GitHub comments — covering only the diff, not the full codebase, so reviews are fast and focused. Founding Members (first 20 users) get PR Review free forever on any plan.
PR Review
SecureOS integrates with GitHub to automatically scan pull requests when they are opened or updated. The Auditor agent analyzes only the diff — not the full codebase — so reviews are fast and focused on new issues introduced by the PR.
How it works
When a PR is opened against a connected repository, SecureOS receives a webhook event, fetches the changed files, runs Sentinel on the diff, and posts findings as inline review comments on the PR.
# Example PR comment from Auditor
🔴 Critical — SQL Injection (injection.sql_fstring) [CWE-89]
query = f"SELECT * FROM users WHERE id = {user_id}"
Attacker can inject arbitrary SQL. Use parameterized queries:
query = "SELECT * FROM users WHERE id = %s"
cursor.execute(query, (user_id,))Setup
PR review is automatically enabled for connected repositories on the Pro plan. No webhook configuration is required — SecureOS handles the GitHub App integration.
Playground
The Playground lets you scan any public GitHub repository without creating an account. It is the fastest way to see what SecureOS finds.
Usage
Navigate to secureos.dev/playground and enter a public GitHub repository URL. The scan runs server-side using Sentinel and returns results in seconds.
# Direct link to pre-scan a specific repo
https://secureos.dev/playground?repo=owner/repositoryShare links
After a scan, click the Share button to copy a link that will automatically re-run the scan when opened. Useful for sharing security reports with your team.
Security Checks
Sentinel runs 39+ checks across 8 categories. All checks include a CWE reference and a severity rating.
API
Planned endpoints:
POST /api/v1/scans # Trigger a scan
GET /api/v1/scans/:id # Get scan results
GET /api/v1/findings # List all findings
GET /api/v1/repos # List connected repos
# Authentication
Authorization: Bearer <your-api-key>To get early API access or request a feature, contact us.