ShipSec Studio addresses the need for robust workflow automation in security teams by providing a visual DSL and runtime for building, executing, and monitoring security workflows. It targets security engineers and operations teams, offering a durable, isolated, and scalable environment for running security tooling, thereby enhancing security operations efficiency.

How It Works

The platform employs Temporal.io for durable, resumable, stateful workflow execution, ensuring reliability across failures. Security tooling runs within isolated, ephemeral containers featuring per-run volume management for enhanced security and resource isolation. A unified, low-latency SSE pipeline streams telemetry, including terminal output, events, and logs, providing deterministic execution visibility. A visual no-code builder compiles complex security graphs into an executable DSL, abstracting infrastructure complexity.

Quick Start & Requirements

The recommended self-hosting method uses Docker with a one-line install: curl -fsSL https://get.shipsec.ai | bash. This command checks for and installs dependencies (Docker, just, curl, jq, git), starts Docker, clones the repository, and launches all services. Access the studio at http://localhost. A preview of ShipSec Cloud is available at studio.shipsec.ai for evaluation without infrastructure management.

Highlighted Details

• Integrated Tooling: Native support for discovery (Subfinder, DNSX, Naabu, HTTPx), vulnerability scanning (Nuclei, TruffleHog), and utility tools (JSON Transform, Logic Scripts, HTTP Requests).
• Advanced Orchestration: Features Human-in-the-Loop for approvals, AI-Driven Analysis leveraging LLM nodes and MCP providers, native CRON scheduling, and an API-first design for programmatic control.
• MCP Integration: Supports centralized MCP server management, includes built-in MCP Servers (AWS CloudTrail, CloudWatch, Filesystem), and enables seamless tool discovery via AI Agents.
• Multi-Instance Development: Allows running multiple isolated development instances on a single machine for parallel feature work.

Maintenance & Community

The project is under active development, optimizing for stable production use. Community support and discussion are available via Discord and GitHub Discussions. Comprehensive documentation for component development and deployment is mentioned.

Licensing & Compatibility

ShipSec Studio is licensed under the Apache License 2.0, which is permissive and generally compatible with commercial use and linking within closed-source projects.

Limitations & Caveats

The platform is currently in active development, indicating potential for ongoing changes and instability. The ShipSec Cloud environment is explicitly labeled as a technical preview for evaluation and sandbox testing purposes only.