ThreatForge: An AI-Driven Platform for Unified Security Analysis, Automated Attack Simulation, and Scalable Remediation
Keywords:
AIAbstract
Traditional software security practices are fragmented, marked by siloed analysis tools, manual remediation
processes, and ephemeral security data. This paper presents ThreatForge, a unified DevSecOps platform that transforms
code repositories into an interactive, queryable security knowledge base. The system leverages Large Language Models
(LLMs) (Google Gemini and Ollama) and vector search (FAISS) to automate the full security and performance lifecycle.
By integrating a FastAPI backend, a React dashboard, and Auth0 for enterprise-grade authentication, the architecture
enables a holistic suite of capabilities: LLM-driven vulnerability detection (SAST), automated load testing via k6, and
non-destructive intrusion testing (DAST).A core contribution is the Intrusion Testing module, which performs controlled
penetration tests on live systems following user consent to identify CORS misconfigurations, SSL/TLS vulnerabilities, and
DDoS susceptibility. The platform contextualizes these dynamic findings alongside static code analysis to detect critical
flaws like SQL injection and XSS. Furthermore, the system generates actionable patches using an AI driven Code Assist
remediation engine, which utilizes semantic indexing to understand project structure. Evaluations of the integrated
workflow demonstrate a shift from isolated scanners to an intelligent, end- to-end security ecosystem that provides
developers with real-time metrics and automated remediation pathways.
Downloads
Published
Issue
Section
License
Copyright (c) 2026 Authors
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
