KATANA: Secure Engineering System (In Development)

KATANA is a structured application security system designed to audit AI-generated software, combining static analysis, dependency intelligence, secrets detection, and controlled cloud-based security reasoning.
Architected and implemented independently using applied AI engineering workflows, KATANA integrates production-grade security tooling, rule governance, and cloud audit layers typically built by dedicated application security teams.
KATANA is being built as the security layer for Galaxa Infinity, ensuring all Galaxa-generated projects are deterministically audited and validated within infrastructure fully owned and governed by Aulerian.

Key Features
- Deterministic static analysis (Semgrep-based SAST)
- Versioned and signed security rule registry
- AI-hallucination pattern detection in generated code
- CVE intelligence integration with CVSS-based scoring
- Secrets detection and credential leak scanning
- CycloneDX-compliant SBOM generation
- Vector-based vulnerability similarity and recurrence tracking

Tech Stack
- TypeScript
- Node.js 20 LTS
- pnpm
- Zod
- pino
- Vitest
- Semgrep
- YARA
- Gitleaks
- OSV API / NVD ingestion
- OWASP ZAP
- PostgreSQL
- pgvector
- CycloneDX
- Fastify
- Signed JWT authentication
- HMAC request validation
- 5.2 Codex
- Opus 4.6
- Zod-enforced JSON schema validation
- Electron
- Vite
- React
- JavaScript
- Zustand

Reach out for a technical walkthrough or any questions!
thedengalier@gmail.com