Vercel is open sourcing deepsec, an AI-powered security scanning tool that uses coding agents (Claude Opus and GPT) to find vulnerabilities in large codebases. It runs locally or scales to 1,000+ concurrent Vercel Sandboxes for parallel execution. The workflow includes static regex scanning, agent-based investigation, revalidation to reduce false positives (reported at 10-20%), contributor enrichment via git metadata, and exportable findings. It supports a plugin system for custom scanners tuned to specific auth models or data layers. No special 'cyber' AI models are required — standard Claude and Codex subscriptions work out of the box.