Introduction

Learn what PrismSec is and how agentic security works.

PrismSec is an agentic application security platform that autonomously reviews your code on every pull request. Instead of requiring developers to manually run security tools or wait for scheduled scans, PrismSec acts as an AI security engineer embedded in your workflow — analyzing code, detecting vulnerabilities, and opening fix PRs automatically.

What is Agentic AppSec?

Traditional security tools produce lists of findings that developers must triage, prioritize, and fix manually. PrismSec goes further: it understands context, assesses real risk, and takes autonomous action to remediate issues before they reach production.

When you open a pull request, PrismSec:

  1. Scans the code for security issues across four critical domains
  2. Analyzes the context and risk of each finding
  3. Reports actionable findings directly in the PR as inline comments
  4. Remediates by opening a fix PR with secure code changes

PrismSec reviews every PR automatically — no manual scans, no complex setup. Just push code and get security feedback in seconds.

The Four Pillars

PrismSec provides comprehensive security coverage across four key capabilities:

SAST (Static Application Security Testing)

Detects code-level vulnerabilities like SQL injection, cross-site scripting (XSS), insecure deserialization, and authentication flaws. PrismSec analyzes data flow, control flow, and taint propagation to catch bugs that traditional linters miss.
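To make the difference between taint propagation and pattern matching concrete, here is an added illustration in Python (example code, not PrismSec's own engine): a minimal intraprocedural taint tracker follows untrusted input from a source through assignments to a SQL sink, and a line-oriented matcher of the kind a linter uses runs over the same code. The `SOURCES`, `SINKS` and `SANITIZERS` tables and the `SAMPLE` handler are constructed for this example.

```python
import ast

# Hypothetical source/sink/sanitizer tables; a real engine ships thousands of entries.
SOURCES = {"request.args.get"}   # where untrusted input enters
SINKS = {"cursor.execute": 0}    # sink -> index of the argument that is SQL text
SANITIZERS = {"int"}             # int() output cannot carry SQL syntax

def is_tainted(expr, tainted):
    """Does expr carry data derived from a source, in any sub-expression?"""
    if isinstance(expr, ast.Name):
        return expr.id in tainted
    if isinstance(expr, ast.Call):
        name = ast.unparse(expr.func)
        if name in SOURCES:
            return True
        if name in SANITIZERS:
            return False          # taint stops at a sanitizer
        return is_tainted(expr.func, tainted) or any(is_tainted(a, tainted) for a in expr.args)
    return any(is_tainted(c, tainted) for c in ast.iter_child_nodes(expr))

def find_injections(source):
    """Line numbers where tainted data reaches a sink's SQL-text argument
    (straight-line assignments per function; nested blocks are not modelled)."""
    findings = []
    for func in ast.walk(ast.parse(source)):
        if not isinstance(func, ast.FunctionDef):
            continue
        tainted = set()
        for stmt in func.body:
            if isinstance(stmt, ast.Assign):   # propagate (or clear) taint through assignment
                names = {t.id for t in stmt.targets if isinstance(t, ast.Name)}
                tainted = tainted | names if is_tainted(stmt.value, tainted) else tainted - names
            for call in ast.walk(stmt):
                idx = SINKS.get(ast.unparse(call.func)) if isinstance(call, ast.Call) else None
                if idx is not None and idx < len(call.args) and is_tainted(call.args[idx], tainted):
                    findings.append(call.lineno)
    return findings

def naive_linter(source):
    """Pattern match only: string building on the execute() line; no data flow."""
    return [i for i, line in enumerate(source.splitlines(), 1)
            if "execute(" in line and ("+" in line or 'f"' in line)]

# Constructed sample; line numbers count from the leading newline.
SAMPLE = '''
def handler(request, cursor):
    user = request.args.get("user")
    query = "SELECT * FROM users WHERE name = '" + user + "'"
    cursor.execute(query)
    cursor.execute("SELECT * FROM users WHERE id = %s", (user,))
    uid = int(user)
    cursor.execute("SELECT * FROM users WHERE id = " + str(uid))
    cursor.execute(f"SELECT * FROM users WHERE name = '{user}'")
'''
```

The taint tracker reports lines 5 and 9 (the query built on line 4 and the f-string), while the pattern matcher misses line 5 and falsely flags line 8, whose input was sanitized by `int()` two lines earlier.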

Secret Detection

Finds exposed credentials, API keys, tokens, passwords, and private keys hardcoded in your repository. PrismSec scans both code and commit history, preventing accidental leaks before they become breaches.

Dependencies (SCA — Software Composition Analysis)

Identifies known vulnerabilities in third-party libraries and frameworks. PrismSec tracks CVE databases and security advisories to flag risky dependencies and recommend safe upgrades.

IaC & Misconfiguration

Secures infrastructure-as-code (Terraform, CloudFormation, Kubernetes YAML) and configuration files. PrismSec detects overly permissive IAM roles, exposed storage buckets, insecure network policies, and compliance violations.

The PR-Review Workflow

PrismSec integrates seamlessly into your existing GitHub, GitLab, or Bitbucket workflow:

  1. A developer opens a pull request
  2. PrismSec scans the changed files in seconds
  3. Findings appear as inline PR comments with severity, description, and recommended fix
  4. For auto-fixable issues, PrismSec opens a separate fix PR with the secure code
  5. Developers review, approve, and merge — secure code ships faster

With PrismSec, security becomes part of code review — not a separate, manual step.

Next Steps

Ready to get started? Head to the Quickstart to connect your first repository and run your first scan.

Or dive deeper into Core Concepts to understand how PrismSec evaluates risk and prioritizes findings.