DevSecOps — Continuous Security Pipeline
Shift-left security with vigil, Semgrep, Snyk, licit compliance, and weekly dependency review.
Context
Complete DevSecOps pipeline with shift-left security: pre-commit with vigil quick, CI with vigil full + Semgrep + Snyk, and weekly dependency review.
Flow with 4 tools
◇ Phase 01 — vigil
AI-code security
Complete security scan with deps and test quality.
◇ vigil
vigil scan src/ --format sarif --output vigil.sarif
vigil deps --verify --format json --output deps.json
vigil tests --quality tests/ --format json --output test-quality.json
⬡ Phase 02 — licit
CI compliance
Trace, vigil connection, and compliance verification.
⬡ licit
licit trace
licit connect vigil --sarif vigil.sarif
licit report --format json --output compliance.json
licit verify --min-score 75
△ Phase 03 — architect
Security review
Automated PR security review.
△ architect
architect run "Review PR security" \
--agent review --context-git-diff origin/main \
--report github --budget 0.10
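
An added example, not part of the original page or of any tool named on it: a small CI gate that reads a SARIF 2.1.0 file such as the vigil.sarif written in Phase 01 and fails the job when findings at or above a chosen level are present. The sample document, its rule ids and the default `error` threshold are constructed assumptions; the level resolution follows the SARIF 2.1.0 rules (explicit level, then the rule's default, then `warning`).

```python
import json
import sys

LEVELS = ["none", "note", "warning", "error"]  # SARIF 2.1.0 levels, ascending

def effective_level(result, rules):
    """Resolve a result's level: explicit, else rule default, else 'warning'."""
    if "level" in result:
        return result["level"]
    idx = result.get("ruleIndex", -1)
    rule = rules[idx] if 0 <= idx < len(rules) else next(
        (r for r in rules if r.get("id") == result.get("ruleId")), None)
    if rule:
        return rule.get("defaultConfiguration", {}).get("level", "warning")
    return "warning"

def gate(sarif, fail_on="error"):
    """Return (passed, counts_by_level) for a parsed SARIF document."""
    counts = {lvl: 0 for lvl in LEVELS}
    for run in sarif.get("runs", []):
        rules = run.get("tool", {}).get("driver", {}).get("rules", [])
        for res in run.get("results", []):
            if res.get("kind", "fail") != "fail":
                continue  # pass/open/informational results are not findings
            lvl = effective_level(res, rules)
            counts[lvl if lvl in counts else "warning"] += 1
    threshold = LEVELS.index(fail_on)
    blocking = sum(n for lvl, n in counts.items()
                   if LEVELS.index(lvl) >= threshold)
    return blocking == 0, counts

# Constructed sample, not real scanner output; rule ids are placeholders.
SAMPLE = {"version": "2.1.0", "runs": [{
    "tool": {"driver": {"name": "example-scanner", "rules": [
        {"id": "EXAMPLE-001", "defaultConfiguration": {"level": "note"}}]}},
    "results": [
        {"ruleId": "EXAMPLE-002", "level": "error", "message": {"text": "a"}},
        {"ruleId": "EXAMPLE-001", "ruleIndex": 0, "message": {"text": "b"}},
        {"ruleId": "EXAMPLE-003", "message": {"text": "c"}},  # -> warning
        {"ruleId": "EXAMPLE-001", "kind": "pass", "message": {"text": "d"}},
    ]}]}

if __name__ == "__main__":
    # Usage in CI: python sarif_gate.py vigil.sarif [fail_on_level]
    doc = SAMPLE if len(sys.argv) < 2 else json.load(open(sys.argv[1]))
    ok, counts = gate(doc, sys.argv[2] if len(sys.argv) > 2 else "error")
    print(json.dumps(counts))
    sys.exit(0 if ok else 1)
```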