ShipSec Studio

ShipSec Studio is an open-source platform for orchestrating security workflows, decoupling security logic from infrastructure management to provide a durable and isolated environment for security tooling. It is currently in active development, focusing on stable production use and high-performance security operations.

Core Pillars

• Durable, resumable workflows: Powered by Temporal.io for stateful execution across failures.
• Isolated security runtimes: Utilizes ephemeral containers with per-run volume management.
• Unified telemetry streams: Delivers terminal output, events, and logs via a low-latency SSE pipeline.
• Visual no-code builder: Compiles complex security graphs into an executable DSL.

Deployment Options

1. Shipsec Self-Host with Docker (Recommended): A one-line install script (curl -fsSL https://get.shipsec.ai | bash) checks dependencies, starts Docker, clones the repository, and launches all services. Access via http://localhost.
2. ShipSec Cloud (Preview): Available at https://studio.shipsec.ai for quick evaluation and sandbox testing.
3. Self-Host (Docker): For data residency and air-gapped environments, requiring Docker, just, curl, and jq. Clone the repository and run just prod start-latest.

Capabilities

• Integrated Tooling: Native support for industry-standard security tools including:
  • Discovery: Subfinder, DNSX, Naabu, HTTPx
  • Vulnerability: Nuclei, TruffleHog
  • Utility: JSON Transform, Logic Scripts, HTTP Requests
• Advanced Orchestration:
  • Human-in-the-Loop: Pause workflows for approvals or inputs.
  • AI-Driven Analysis: Leverages LLM nodes and MCP providers for intelligent results interpretation.
  • Native Scheduling: Integrated CRON support for recurring monitoring.
  • API First: Comprehensive REST API for triggering and monitoring workflows.
• MCP Integration:
  • MCP Library: Centralized server management with multi-server selection and automatic tool registration.
  • Built-in MCP Servers: AWS CloudTrail, CloudWatch, and Filesystem support.
  • Seamless Tool Discovery: AI Agents automatically discover and use MCP tools.

Architecture Overview

ShipSec Studio is built for enterprise-grade durability and horizontal scalability, comprising:

• Management Plane (Backend): NestJS service for DSL compilation, secret management (AES-256-GCM), and identity.
• Orchestration Plane (Temporal): Manages workflow state, concurrency, and persistent wait states.
• Execution Plane (Worker): Stateless agents executing tool-bound activities in isolated runtimes.
• Monitoring (SSE/Loki): Real-time telemetry pipeline for execution visibility.