Skip to content

aditya-caltechie/ai_cybersecurity_analyzer

BranchesTags

Repository files navigation

AI Cybersecurity Analyzer

CI

Web app that analyzes Python code for security issues using Semgrep (static analysis) and an OpenAI Agents workflow via the Semgrep MCP server.

Features

  • Security scanning: Semgrep findings with AI-assisted explanation and remediation hints
  • Simple local dev: Next.js UI (port 3000) + FastAPI API (port 8000)
  • Single-container production: FastAPI serves the statically exported frontend on port 8000
  • Infrastructure as code: Terraform stacks for AWS / Azure / GCP (optional)

Stack

Layer Tech
Frontend Next.js (TypeScript), Tailwind
Backend Python 3.12, FastAPI, uv
Analysis Semgrep, MCP, OpenAI Agents
Infra Terraform (AWS, Azure, GCP)

Prerequisites

  • Python 3.12+ and uv
  • Node.js 20+ and npm
  • Docker (optional, for container run)
  • Terraform (optional, for cloud deploy)

Environment

Create a .env in the repo root (do not commit it):

  • OPENAI_API_KEY — OpenAI API access
  • SEMGREP_APP_TOKEN — Semgrep (Semgrep Cloud / App token as required by your setup)

Run locally

Backend (port 8000):

cd backend
uv sync
uv run server.py

Frontend (port 3000, separate terminal):

cd frontend
npm install
npm run dev

Open http://localhost:3000.

Run with Docker

From the repo root (with .env present):

docker build -t cyber-analyzer .
docker run --rm -p 8000:8000 --env-file .env cyber-analyzer

Open http://localhost:8000.

Repo layout

├── backend/     # FastAPI app, MCP / agent wiring
├── frontend/    # Next.js UI (static export in production)
├── terraform/   # azure/, gcp/, aws/ — infra as code
├── scripts/     # deploy-aws.sh, destroy-aws.sh
├── Dockerfile   # Single-container production build

Deployment

Terraform stacks live under:

  • terraform/aws (AWS App Runner + ECR)
  • terraform/azure (Azure Container Apps)
  • terraform/gcp (GCP Cloud Run)

See terraform/README.md for per-cloud details and prerequisites.

Deploy with scripts (recommended)

From the repo root:

aws sts get-caller-identity
./scripts/deploy-aws.sh

It prints the Service URL at the end.

Validate deploy / cleanup

./scripts/check-aws-deploy.sh
./scripts/check-aws-cleanup.sh

Azure and GCP (optional)

Use the Terraform stacks in terraform/azure and terraform/gcp. The quickest way to get oriented is to start with:

  • terraform/README.md (overview + commands)
  • terraform/azure (Azure Container Apps)
  • terraform/gcp (GCP Cloud Run)

About

Cybersecurity Analyzer is an AI-powered web application that scans and analyzes Python code for security vulnerabilities. By combining cutting-edge AI with robust static analysis tools, this platform helps developers identify and resolve security issues in their codebase.

Topics

terraform cybersecurity mlops-workflow agentic-ai mcp-server context-engineering

Resources

Readme
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages