Latio Application Security Tester: Use AI to scan your code

Latio Application Security Tester is an open-source tool that enables the usage of OpenAI to scan code from the CLI for security and health issues.

Features and future plans

James Berthoty, the creator of Latio Application Security Tester, told Help Net Security about the unique features that make it stand out:

1. Easily send code changes to OpenAI without dealing with copy-pasting into ChatGPT or setting up the perfect prompt.
2. The default model is cheap 3.5, but you can easily pass in whatever model you want for testing purposes.
3. The ability to do full scans for smaller applications.
4. --health option also allows for optimization and code smell scanning.
5. GitHub Actions templates for easy experimentation in the pipeline.

Berthoty told us that future plans include easy setup with non-OpenAI models, better large file handling for where your code or changes start going over the token limit, and a GitHub auth flow and hosted version for users who don’t want to deal with setting up anything.

Latio Application Security Tester is available for free on GitHub.

Must read:

• 15 open-source cybersecurity tools you’ll wish you’d known earlier
• 20 essential open-source cybersecurity tools that save you time