Sensei Hiro · Before you deploy
The first AI-native cloud security service. Your coding agent calls vul.ninja before deploying — catches misconfigurations, surfaces fixes, never persists your code.
Sensei Hiro is the service behind it — the sensei your AI agent learns from.
$ claude apply infrastructure/prod-bucket.tf
→ vulninja.assess_iac_change(plan)
CRITICAL S3 bucket public-read ACL on prod-data-store
finding public_acl_on_sensitive_bucket
fix remove ACL → enforce bucket policy
✗ Apply blocked. Run get_remediation? (y/N)
Coding agents now write Terraform, deploy infrastructure, and rotate secrets. The work that used to take an engineer an afternoon takes an agent thirty seconds.
Traditional security tooling assumes a human is in the loop — clicking through a dashboard, reviewing a finding, deciding whether to act. That assumption is dissolving.
vul.ninja is built for the new operator. The agent calls our checks the same way it calls a compiler. Security stops being a downstream review step and starts being a function the agent invokes inline.
Exposed via MCP. Discoverable by the agent. No prompting required. AWS today, Azure shipping next — every tool extends Hiro's library.
Available now
assess_iac_change: Before your agent applies Terraform, CloudFormation, or a Kubernetes manifest, it asks vul.ninja whether the change is safe.
evaluate_iam_policy: Every IAM policy your agent generates gets risk-scored before it touches your AWS account.
get_remediation: When something fails the check, vul.ninja returns the actual fix. Code, not prose.
check_secret_exposure: Scans the proposed change for hardcoded secrets, exposed env vars, and credential leakage before they ship.
Coming soon · expanding the library
evaluate_rbac_assignment: Azure RBAC analog of evaluate_iam_policy — flags overprivileged role assignments before commit.
assess_arm_template: Bicep / ARM template review — same contract as assess_iac_change, narrowed to Azure-native deployment files.
audit_key_vault: Checks Key Vault access policies, network restrictions, and rotation hygiene against vul.ninja's rule set.
evaluate_nsg: Azure Network Security Group review — risky ingress, exposed admin ports, missing tier separation.
{
  "mcpServers": {
    "vulninja": {
      "type": "http",
      "url": "https://mcp.vul.ninja",
      "headers": {
        "Authorization": "Bearer YOUR_API_KEY"
      }
    }
  }
}
Works with Claude Code, Cursor, Windsurf, and any MCP-compatible AI tool.
Your IaC files are never stored. vul.ninja never keeps your Terraform, CloudFormation, or other infrastructure files. We store findings (rule, severity, location) so you can review them in your dashboard. We don't store the code those findings came from.
AI remediation sends the relevant snippet to our LLM provider. When you ask for a fix and we generate a contextual diff, the offending statement block is sent to Anthropic's API to produce the response. Anthropic doesn't train on API content. The snippet isn't stored in vul.ninja's database afterward.
Template-based remediation never sees your code. For common findings, we return a canonical fix pattern from a hand-curated template. No LLM call, no snippet sent anywhere.
SaaS founders, small engineering teams, and anyone using Claude Code, Cursor, or Windsurf to write infrastructure. Not for enterprise security teams running traditional CSPMs — they have Wiz for that.
vul.ninja MCP is free during the beta. Founding-customer pricing applies after launch — 50% off for three months for the first ten customers.