v1.0.0
Release date: 2025-06-23
Feature Highlights
Here are some of the key features of LISA v1.0:
-
A chat-based interface that allows you to interact with LISA using natural language.
-
Assistant agent that can help you upload/provide code and schedule a scan.
-
Analyzer agent that identifies the security issues in the code using LLM and a methodology which strikes a balance between accuracy and speed.
-
Scan result view that delivers findings alongside your code, the generated code summary and protocol diagrams also help you understand the code better.
A familiar yet powerful interface
LISA brings security analysis into a conversational format that feels natural and intuitive. The chat-based interface allows you to interact with LISA using plain English, making complex security analysis accessible to both seasoned professionals and newcomers to the field. No more wrestling with command-line tools or complex configuration files – simply describe what you need analyzed, and LISA will guide you through the process.
The interface combines the familiarity of modern messaging apps with powerful analytical capabilities, creating an experience that's both approachable and professional. What makes this even more powerful is that the message stream goes beyond simple text exchanges – it can display real-time-updated scan result cards that show the progress and status of your security scans as they happen. These interactive cards are fully openable, allowing you to dive into detailed scan results without leaving the conversation context.
A helpful assistant
At the heart of LISA is an intelligent assistant agent designed to streamline your workflow. This assistant understands the context of security analysis and can help you upload code, organize files, and schedule comprehensive scans with minimal effort.
The assistant agent acts as your personal security consultant, guiding you through best practices and suggesting optimal scan configurations. It can handle code provided inline, via uploaded files or via a URL. It is also equipped with the knowledge of the complete product documentation and is ready to answer any related questions.
An intelligent and experienced analyzer
LISA's analyzer agent represents a breakthrough in automated security analysis. Built on advanced LLM technology, it combines the speed of automated tools with the nuanced understanding typically reserved for human experts. The analyzer employs a carefully crafted methodology that strikes the perfect balance between thoroughness and efficiency.
This intelligent system doesn't just flag potential issues – it understands context, recognizes false positives, and provides meaningful insights about the severity and exploitability of discovered vulnerabilities. The analyzer draws from extensive knowledge of security patterns, common attack vectors, and industry best practices to deliver analysis that's both comprehensive and actionable.
A comprehensive scan result
LISA transforms raw security findings into clear, actionable insights through an intuitive scan result interface. The results don't just list vulnerabilities – they provide a complete picture of your code's security posture alongside the actual code context, making it easy to understand both what the issues are and where they occur.
The scan results include automatically generated code summaries that help you quickly grasp the purpose and structure of analyzed components. Additionally, LISA creates protocol diagrams that visualize the flow and interactions within your codebase, providing valuable architectural insights that enhance your understanding of potential security implications.
For maximum flexibility and integration with your existing workflows, LISA allows you to export all scan components – including detailed findings, comprehensive summaries, and generated diagrams – as either JSON or Markdown files. This export functionality ensures you can easily share results with team members, integrate findings into your development pipeline, or maintain records for compliance and audit purposes. This comprehensive approach ensures you're not just fixing issues, but truly understanding your code's security landscape.