Full-Process Code Protection

Inspiration

Reflections Following a Multi-Perspective Cybersecurity Attack and Defense Exercise

What it does

Leveraging AI technology, we have established a comprehensive, end-to-end cybersecurity defense system that encompasses internal asset inventory, code security auditing, incident response and handling, and proactive vulnerability discovery. This system facilitates an intelligent transformation from passive defense to proactive protection, thereby mitigating the risk of cyber intrusions.

How we built it

By employing a multi-dimensional construction approach—combining code with AI skills—we position the AI skill set as the central cognitive hub for task execution, driving the underlying code to facilitate operational workflows. The system undergoes continuous self-learning and evolution—constantly advancing its framework—based on real-world penetration testing methodologies, vulnerability discovery techniques, and practical case studies.

Challenges we ran into

It consumes a significant amount of computing power and tokens, necessitating continuous optimization of the workflow. 2. It requires vast storage capacity; specifically, acquiring training samples via web scraping demands substantial storage space to house the learned knowledge and reference cases. 3. The "cold" and "hot" context mechanisms employed by the AI when invoking skills and accessing memory constrain the construction of the overall framework, requiring specialized optimization. 4. Regarding the implementation of real-world projects—specifically intrusion prevention systems—it is imperative to conduct internal network-based experiments; however, the technology has not yet reached the practical deployment testing phase and currently lacks sufficient real-world operational references. ## Accomplishments that we're proud of While engaging with other industry professionals, we discovered that some cybersecurity teams are already attempting to build similar frameworks and projects—confirming that the general direction of our approach is both practical and sound. ## What we learned The immense power of AI as a component of modern-era productivity, and the exploration of how to leverage AI to optimize existing projects. ## What's next for Full-Process Code Protection We will continue to refine the AI code auditing framework by integrating content from additional new vulnerability discovery platforms—specifically, those serving as knowledge-sharing hubs for cybersecurity professionals—such as Alibaba's "Xianzhi" Community and Qi'anxin's "Butian" Vulnerability Platform. Subsequently, we will proceed step-by-step with the preliminary construction and implementation of the remaining components of the framework.

Built With

.net/c#
asp.net
boot
c/c++
django
express.js
fastapi
fastify
flask
gin
go
java
javascript
koa
laravel
nestjs
php
python
ruby
ruby-on-rails
rust
spring

Updates

Henry Lan started this project — Apr 17, 2026 09:38 PM EDT

Leave feedback in the comments!

Log in or sign up for Devpost to join the conversation.