Ecosystem

DeepSource strengthens developer support with new open-source security toolkit Globstar

Whether an engineering team is scattered across the globe or based in-house, leveraging AI code review provides senior software developers with an opportunity to focus on areas that require human-centric approaches, leaving the necessary yet repetitive tasks to AI assistants. In fact, the high majority of developers worldwide have already realized this, and today are leveraging AI to streamline productivity and improve output. 

However, AI has also presented its fair share of security concerns. While we can’t completely eliminate its risks, we can use tools and practices to better safeguard ourselves.

One such solution is from DeepSource, which is a unified DevSecOps platform that offers developers the ability to harness the benefits of AI without compromising on security risks that can affect organizations.

The company has introduced an open-source security toolkit called Globstar, which is addressing the need for heightened security measures in software development. Here’s how.

The value in making secure coding tools accessible 

While DeepSource’s primary objective is to provide users with the ability to create secure code and leverage AI’s ability to pinpoint vulnerabilities, the company does so with a deep understanding that core components of code security should be widely accessible for both creating the software and protecting it’s systems. 

What’s unique about its new solution, Globstar’s static code analysis toolkit, is that it lets users build custom security checkers and integrate them into their pipelines.

Released under the MIT license, it is completely open source.

Said Sanket Saurav, CEO of DeepSource, “We initially leveraged tree-sitter to develop new checkers for our internal analyzers, which allowed us to respond swiftly to customer requests. With Globstar, we saw an opportunity to give developers the same flexibility—so we decided to open-source it.”

While DeepSource’s customers can use Globstar to define security rules specific to their needs, the tool is available to any one.

Automating security checks with Globstar 

Writing code is one thing—keeping it secure is another. Existing tools like CodePilot assist developers to write code, however there hasn’t been an easy way to automate advanced security checks to catch hidden bugs and vulnerabilities before they become real problems.

DeepSource saw this as a major challenge for the AppSec community. Software security flaws weren’t just an issue for developers—they were affecting the quality and reliability of the apps we all use.

To solve this, their team decided to create Globstar—a toolkit that makes it easier to build and run security checks within the development process.

This gives developers direct access to the actual structure of their code, so they can build security checks that work exactly as expected, without missing hidden details.

Built for all user levels

As part of the company’s mission in making Globstar an open source repository for software and security teams globally, the solution supports over 20 programming languages and is designed for users with different levels of expertise. 

For example, beginners can use the YAML interface for simple security checks, while more advanced users can leverage the Go interface for complex features like cross-file analysis and scope resolution.

Team TechPanda

Recent Posts

Outbound & inbound: India attracts businesses from UK, China & US while expanding to Middle East

The Tech Panda takes a look at how India has been attracting foreign businesses from…

9 hours ago

UPI value & volume surpass records in March

India’s digital payments ecosystem achieved a record high in March, with UPI transactions reaching INR24.77…

10 hours ago

AI-powered digital twins, Cobots, agentic AI, physical AI & edge computing are enabling an anticipatory AI-first manufacturing ecosystem

Tata Consultancy Services (TCS) (BSE: 532540, NSE: TCS), ), a leader in IT services, consulting, and business…

11 hours ago

Misinformation & deepfakes help weaponize AI: Should AI be as open as the internet then?

The ability for AI to spread misinformation has been reaching hair-raising lengths, another and possibly…

2 days ago

What employees want: Not everyone feels ready to flow with AI at the workplace

Artificial Intelligence is everywhere now. It’s safe to say that organizations have either fully adopted…

5 days ago

Are business markets safe from Grok AI?

With the rise of advanced AI models such as Grok AI developed by Elon Musk's…

6 days ago