Vercel Open Sources AI-Powered Security Tool That Scans Codebases for Vulnerabilities on Your Own Infrastructure
Summary
Vercel is open sourcing deepsec, an AI-powered security tool that scans codebases for vulnerabilities directly on users' own infrastructure, using existing Claude or Codex subscriptions. Its multi-step workflow reduces false positives to just 10-20%, and it supports 1,000+ concurrent sandboxes for large repositories.
Key Points
- Vercel is open sourcing deepsec, a security harness powered by coding agents that scans codebases for vulnerabilities and runs on a user's own infrastructure using existing Claude or Codex subscriptions.
- Deepsec operates through a multi-step workflow — scanning files with regex, investigating security-sensitive areas with AI agents, revalidating findings to cut false positives down to roughly 10-20%, enriching results with contributor data, and exporting actionable findings as tickets.
- The tool supports parallel execution across 1,000+ concurrent Vercel Sandboxes for large repos, includes a plugin system for custom scanners, and can be launched immediately by running npx deepsec init at the root of any repository.