NetSecAI: a cyber-security assistant that turns audit JSON into prioritised, ticket-ready patches
Paste the JSON output of any cyber audit (Cyber Audit Suite, SecuChecker, custom scan) — or enter a URL to scan first — and NetSecAI walks through each finding in plain English, classifies the severity, generates the exact config snippet to fix it, and exports a Markdown ticket your team can paste into Jira or Linear. Works fully offline with a built-in security knowledge base. Bring your own OpenAI / Anthropic / Gemini API key to upgrade to richer AI explanations.
AI mode: your API key stays in this browser (localStorage). No proxy. Never sent to PeopleAreGeek servers.
What NetSecAI actually does
Most security scanners output a JSON dump of findings. NetSecAI is the layer on top: it reads the findings, groups them by severity and category, explains each one in language a non-specialist stakeholder can read, and produces the exact config line or PHP filter you would write to fix it. The chat-style interface is a deliberate choice — when you are juggling 12 findings across 3 categories, a linear conversation forces you to think one at a time instead of glazing over a flat list.
Compatible inputs include the JSON from our Cyber Audit Suite (the recommended pairing), SecuChecker, the Mozilla Observatory API output, the Qualys SSL Labs JSON, or any custom scanner that emits a results[] array with category + finding.kind + finding.title fields. The rule-based engine recognises the standard WordPress and HTTP security patterns out of the box.
Offline rule-based mode versus AI mode
The default mode is offline: a built-in knowledge base maps each finding category to a templated explanation and a fix snippet. It is deterministic, reproducible across runs, and requires no API key or internet beyond the initial page load. Output quality is consistent: every finding produces a structured response with severity, plain-English context, and a config snippet.
The AI mode is the upgrade. Bring your own API key from Anthropic, OpenAI or Google. NetSecAI sends the findings JSON to the model with a system prompt that asks for a prioritised explanation, gets a richer narrative back, and renders it as the assistant messages in the chat. The API key stays in your browser’s localStorage; nothing is proxied through our backend. Use AI mode when the findings are unusual (custom scanners, edge categories) or when you want a longer narrative for a stakeholder report.
Pairing with the Cyber Audit Suite
The intended workflow: run a scan on /cyber-audit-suite/, click the Raw JSON tab, copy the dump, paste into NetSecAI here. Five seconds total. The Suite gives you the raw “what is broken” view; NetSecAI gives you the “what to do about it, in what order, with what exact command” view. Together they cover the discover → understand → fix loop on a single page each.
Exporting findings as tickets
The Markdown export tab generates a ticket-ready dump grouped by severity, with each finding as a bullet that includes title, plain explanation, fix snippet, and a link back to the source scan. Copy-paste into Jira, Linear, GitHub Issues, Notion, or wherever your team triages. The format follows the GitHub Flavored Markdown spec — code fences render correctly across every common ticket system.
Privacy and data handling
Rule-based mode is completely offline once the page is loaded; no network calls happen during analysis. AI mode sends the findings JSON to the API provider you selected, using the key you provided. We do not log, proxy, or store any of that traffic. If the findings JSON contains sensitive URLs or hostnames, redact them before pasting; the rule-based engine works just as well on anonymised input.
Frequently asked questions
Where does my API key go?
Into your browser’s localStorage under the key netsecai.apiKey. It is never sent to any PeopleAreGeek server, never logged, never proxied. The fetch call goes directly from your browser to the provider’s API. To clear the key, open the Settings panel and clear the field, or clear your browser’s site data for peoplearegeek.com.
What format should the input JSON follow?
The minimum shape is {"url": "...", "results": [{"category": "transport", "finding": {"kind": "bad", "title": "...", "body": "..."}}, ...]}. The Cyber Audit Suite emits exactly this shape. SecuChecker output and Mozilla Observatory output are auto-converted on input. Custom scanners that emit similar nested objects work out of the box.
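The following is an added example, not NetSecAI's own code, showing the pipeline the offline rule-based mode and the Markdown export tab describe above: it validates the minimum JSON shape, maps each finding to a severity, looks up a templated context and fix snippet for known categories (falling back to a generic template for unknown ones), and renders a GitHub Flavored Markdown ticket grouped by severity. The kind values (bad / warn / good), the severity labels, the two knowledge-base entries and the sample audit are constructed assumptions, not NetSecAI's actual rule set.

```javascript
// Added example (not NetSecAI's own code): a minimal offline, rule-based
// analyser for the audit JSON shape described on this page.
// Assumptions (not from the page): finding.kind values "bad" / "warn" / "good",
// the severity labels, and the knowledge-base entries below are constructed.

// Constructed knowledge base: category -> plain-English context + fix snippet.
const KNOWLEDGE_BASE = {
  transport: {
    context: "Browsers will keep accepting plain HTTP for this host until HSTS is set.",
    fix: 'Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"',
    lang: "apache",
  },
  headers: {
    context: "Missing hardening headers let browsers sniff content types or frame the page.",
    fix: 'Header always set X-Content-Type-Options "nosniff"\nHeader always set X-Frame-Options "DENY"',
    lang: "apache",
  },
};

// Constructed severity mapping for finding.kind, and the order tickets list them in.
const SEVERITY_BY_KIND = { bad: "High", warn: "Medium", good: "Info" };
const SEVERITY_ORDER = ["High", "Medium", "Info"];
const FENCE = "`".repeat(3);

// Validate the minimum shape and return the parsed audit; fail loudly instead of
// producing an empty ticket from malformed input.
function parseAudit(jsonText) {
  const audit = JSON.parse(jsonText);
  if (typeof audit.url !== "string" || !Array.isArray(audit.results)) {
    throw new Error('audit JSON must have a "url" string and a "results" array');
  }
  audit.results.forEach((r, i) => {
    if (typeof r.category !== "string" || !r.finding || typeof r.finding.title !== "string") {
      throw new Error(`results[${i}] needs a category string and finding.title`);
    }
  });
  return audit;
}

// Turn one raw result into a structured response: severity, context, fix snippet.
function analyseFinding(result) {
  const kb = KNOWLEDGE_BASE[result.category];
  return {
    category: result.category,
    title: result.finding.title,
    severity: SEVERITY_BY_KIND[result.finding.kind] || "Medium", // unknown kind: assume Medium
    context: kb ? kb.context : `Category "${result.category}" unknown; showing the scanner's own text.`,
    body: result.finding.body || "",
    fix: kb ? kb.fix : null,
    fixLang: kb ? kb.lang : null,
  };
}

// Group analysed findings by severity, highest first, dropping empty groups.
function groupBySeverity(findings) {
  const groups = {};
  for (const f of findings) {
    if (!groups[f.severity]) groups[f.severity] = [];
    groups[f.severity].push(f);
  }
  return SEVERITY_ORDER.filter((s) => groups[s]).map((s) => [s, groups[s]]);
}

// Render a ticket-ready GFM dump: one heading per severity, one bullet per finding,
// each with title, context, an indented fenced fix snippet and a link to the scan.
function renderTicket(audit) {
  const findings = audit.results.map(analyseFinding);
  const lines = [`# Security findings for ${audit.url}`, ""];
  for (const [severity, items] of groupBySeverity(findings)) {
    lines.push(`## ${severity} (${items.length})`, "");
    for (const f of items) {
      lines.push(`- **${f.title}** \`${f.category}\``);
      lines.push(`  ${f.context}${f.body ? " " + f.body : ""}`);
      if (f.fix) {
        lines.push("", "  " + FENCE + f.fixLang);
        for (const l of f.fix.split("\n")) lines.push("  " + l);
        lines.push("  " + FENCE, "");
      }
      lines.push(`  Source: ${audit.url}`);
    }
    lines.push("");
  }
  return lines.join("\n");
}

// Constructed sample input in the page's minimum shape (not a real scan).
const SAMPLE_AUDIT = JSON.stringify({
  url: "https://example.test",
  results: [
    { category: "transport", finding: { kind: "bad", title: "HSTS header missing", body: "" } },
    { category: "headers", finding: { kind: "warn", title: "X-Frame-Options missing", body: "" } },
    { category: "cms-plugins", finding: { kind: "bad", title: "Outdated plugin detected", body: "Plugin version is behind." } },
  ],
});

if (typeof require !== "undefined" && require.main === module) {
  console.log(renderTicket(parseAudit(SAMPLE_AUDIT)));
}
```

The fix snippet is nested inside the list item as an indented fence, which is what keeps it rendering as a code block in GFM-based trackers; the unknown-category branch mirrors the generic fallback described in the FAQ, so a novel category still yields a bullet rather than breaking the export.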
Does AI mode work with any model?
It works with any model that accepts the OpenAI chat format or the Anthropic messages format. For OpenAI, GPT-5 turbo and GPT-5 mini are tested. For Anthropic, Claude Sonnet 4.6 and Claude Opus 4.7 are tested. For Google, Gemini 3.0 Pro via the GenAI API works. Other compatible endpoints (Mistral, Groq, Together) work with their respective API key formats; set the base URL through the model name field.
What if the rule-based engine does not recognise a finding category?
It falls back to a generic “category unknown” template that still surfaces the title and body in chat format. For better coverage of an unknown category, switch to AI mode — the LLM is much more permissive about input shapes and will produce a useful explanation even for novel findings.
Can I run this against a private internal URL?
If you choose “Scan URL live”, the URL is sent to our backend scanner endpoints (the same as Cyber Audit Suite). For private internal URLs, run the Cyber Audit Suite yourself on the internal network, copy the JSON output, and paste it here in “Paste audit JSON” mode. The analysis then runs entirely client-side.
Is the AI output reproducible?
No, because LLM sampling is stochastic. If you need reproducible reports for compliance, use the rule-based mode. AI mode is intended for narrative reports and stakeholder communication where small wording variations are acceptable.