Alex Cuoci

@Kaygeeartworks @amasad This is available to all paying customers on an opt-in basis for now. Our goal in the near future is to explore options where resolution of routine vulnerabilities can be fully managed by AI, even while you are away.

@amasad Enabled by default? and is this limited to certain sub tiers?

Sometime apps you made that are secure might suddenly become vulnerable when there is an exploit in one of its dependencies. Typically you need engineers on payroll to monitor and handle this. We just automated that with Auto-Protect. It’s like your security engineer 24x7.

@Th3RealSocrates @amasad Auto-Protect is currently scanning for dependency vulnerabilities based on public advisory databases (for example, see osv.dev). You can enable Auto-Protect only for vulnerabilities of a certain severity, such as high / critical only.

@amasad False positive rate? My last "automated security" tool flagged 340 alerts, 3 real. Cost me 2 days triaging. 24/7 noise isn't 24/7 protection.

@PromptSlinger @amasad We recommend running Security Agent whenever you add a new major feature to your app, since it does a full teardown of your codebase. We have other static analysis checks that are designed to run continuously as you build and in the background while you are away.

@amasad static analysis catching the thing and AI explaining why it matters is a better split than most security tooling attempts. does it run continuously or trigger on deploy?

A wave of security issues is hitting AI-generated apps and platforms. This is one of the defining problems of the AI era. Announcing Replit Security Agent: a new approach that merges static analysis with AI reasoning. AI alone is too noisy. Static alone miss context. Together, they produce dramatically higher signal. Finding real vulnerabilities and fixing in minutes.

@hewhoships @amasad Agree! We've also started running some static analysis checks directly in the build loop.

@amasad the real problem isn't scanning after the fact, it's ai coders shipping vulns faster than humans can review. static analysis has to run in the loop, not at deploy

@thespringbuck @Replit Thanks for the feedback, support for migrating existing projects is also on our radar, coming soon-ish.

@Replit Really need this for existing projects so UK based apps are changed to Europe 🙏

You can now host your Replit apps globally - Compute + storage colocated automatically - Enterprise teams can enforce org-wide region policies - New Europe, Asia, South America and Australia regions. Available for new apps for paying customers only.

@reduntildead0 @Replit We're working on bringing this to the platform too. Stay tuned for more.

@Replit Why are African countries always excluded from these? Theres many replit builders in South Africa

@astuyve See you there AJ!

Heading to the airport for re:Invent

@astuyve Congrats AJ!!

I woke up this morning feeling pretty excited to be a dad soon! Happy Father's day y'all!

@astuyve Congrats AJ 👏😁

I'm honored to share that I've been chosen as an AWS Serverless Hero! I've been looking at this draft for an hour and still don't know what to say, so the best I can do is – thank you. Looking forward to many more years of #Serverless goodness!

@matteog__ I feel this lots, miss the days of having nothing better to do than draw maps (mine all looked like some variation of Venice)