Scanwise: How I Built an AI-Powered Web Vulnerability Scanner That Sends Smart Reports to Your Inbox

As a passionate full-stack developer with a deep interest in cybersecurity, I’ve always been frustrated with how complex, manual, and time-consuming web vulnerability testing can be, especially for small businesses, startups, or even developers testing their own side projects.

That’s what led me to create Scanwise - an AI-enhanced, automated web vulnerability scanner that combines the trusted power of OWASP ZAP with the intelligence of OpenRouter’s DeepSeek R1 model, all wrapped in a clean, modern experience that delivers smart vulnerability reports directly to your inbox.


⚙️ What Is Scanwise?

Scanwise is a lightweight SaaS application that:

  • Uses OWASP ZAP to scan web applications for vulnerabilities
  • Applies LLM-powered analysis to interpret results and prioritize them
  • Sends a plain-language email report with suggestions, risks, and next steps

It’s designed for developers, startups, cybersecurity consultants, and anyone who wants fast, insightful vulnerability testing without diving into hundreds of pages of logs.


🛠️ How I Built It

Scanwise is powered by a modern tech stack:

  • Backend: Ruby on Rails
  • AI Integration: OpenRouter API using the DeepSeek R1 model
  • Scanner: OWASP ZAP (Dockerized)
  • Asynchronous Jobs: Sidekiq + Redis
  • Email Delivery: ActionMailer
  • Frontend: Tailwind CSS + HTML
  • Hosting: Docker on VPS

The architecture is simple but scalable, letting users submit a URL and get a detailed report by email in minutes.
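
The step between the ZAP scan and the model call, as an added example (not Scanwise's own code): it ranks and trims a ZAP report and treats its text as untrusted before it goes into a prompt. It assumes ZAP's traditional JSON report layout (`site`, `alerts`, string-valued `riskcode` and `confidence`); the function names, the `<scan_findings>` delimiter and the sample report are constructed for illustration.

```ruby
require "json"

# Constructed sample in the layout of ZAP's traditional JSON report (not real scan output).
SAMPLE_REPORT = <<~JSON
  {"site":[{"@name":"https://app.example.test","alerts":[
    {"alert":"X-Content-Type-Options Header Missing","riskcode":"1","confidence":"2",
     "cweid":"693","count":"2","solution":"<p>Set the header to nosniff.</p>",
     "instances":[{"uri":"https://app.example.test/","method":"GET"},
                  {"uri":"https://app.example.test/login","method":"GET"}]},
    {"alert":"Cross Site Scripting (Reflected)","riskcode":"3","confidence":"2",
     "cweid":"79","count":"1","solution":"<p>Encode output for the HTML context.</p>",
     "instances":[{"uri":"https://app.example.test/search?q=x","method":"GET","param":"q"}]},
    {"alert":"Timestamp Disclosure - Unix","riskcode":"0","confidence":"1",
     "cweid":"200","count":"4","solution":"<p>Confirm the value is not sensitive.</p>","instances":[]}
  ]}]}
JSON

RISK_LABELS = { 0 => "Informational", 1 => "Low", 2 => "Medium", 3 => "High" }.freeze

# Scan output echoes content from the scanned site, so treat it as untrusted:
# strip markup (which also removes any injected closing delimiter) and control
# characters, then cap the length before the text reaches a prompt.
def clean(text, max = 200)
  text.to_s.gsub(/<[^>]*>/, " ").gsub(/[[:cntrl:]]/, " ").squeeze(" ").strip[0, max]
end

# Flatten every site's alerts, drop anything below min_risk, rank by risk then confidence.
def digest(report_json, min_risk: 1, max_urls: 3)
  alerts = JSON.parse(report_json).fetch("site", []).flat_map { |s| s.fetch("alerts", []) }
  alerts.map do |a|
    { risk: a["riskcode"].to_i, confidence: a["confidence"].to_i, name: clean(a["alert"]),
      cwe: a["cweid"].to_i, count: a["count"].to_i, fix: clean(a["solution"]),
      urls: a.fetch("instances", []).map { |i| clean(i["uri"]) }.uniq.first(max_urls) }
  end.select { |a| a[:risk] >= min_risk }.sort_by { |a| [-a[:risk], -a[:confidence], a[:name]] }
end

# Render the ranked digest as clearly delimited data for the model's user message.
def prompt_block(findings)
  lines = findings.map do |f|
    "- [#{RISK_LABELS.fetch(f[:risk], 'Unknown')}] #{f[:name]} (CWE-#{f[:cwe]}, x#{f[:count]}) " \
      "urls=#{f[:urls].join(', ')} fix=#{f[:fix]}"
  end
  "<scan_findings>\n#{lines.join("\n")}\n</scan_findings>"
end

puts prompt_block(digest(SAMPLE_REPORT)) if __FILE__ == $PROGRAM_NAME
```

Ranking deterministically before the model call keeps the severity order auditable and independent of how the model words its summary.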


🧠 What Makes Scanwise Different?

  1. AI-Powered Analysis
    Traditional scanners give you technical logs. Scanwise summarizes them in human-friendly language, prioritizing the risks that matter most.

  2. Email-Based Reporting
    No dashboards. No logins. Just enter your URL, get scanned, and receive a clear report, like magic.

  3. Developer-Friendly Setup
    It’s fast to deploy, uses Docker, and integrates with other security tools easily.


🧪 What I Learned Along the Way

  • OWASP ZAP is powerful but has a learning curve. Containerizing it helped simplify usage.
  • Writing a good prompt for AI is as important as choosing the right model.
  • Automation is king. Making scanning and email reporting fully async improved UX dramatically.
  • Building something useful, even simple, gets attention; early feedback has been very encouraging.

🚀 What’s Next?

  • A self-hosted Pro version for companies
  • Team reports and dashboards
  • A browser extension for scanning live apps in dev/staging
  • Integration with CI/CD for DevSecOps workflows

🌍 Try It Now

You can try the free version at scanwiseapp.com.

I’m also looking for:

  • Early users
  • Co-founders in cybersecurity or growth
  • Angel or seed-stage investors interested in AI + security

📩 Let’s Connect


Thanks for reading! If you’re interested in securing your web apps smarter and faster, give Scanwise a try. Feedback is always welcome.

This post is licensed under CC BY 4.0 by the author.