Fraim is an open-source project that provides a modular, extensible framework for easily integrating LLM-driven workflows into common security processes such as vulnerability triage, misconfiguration detection, and automated remediation suggestions.
Security teams often want the productivity boost of LLMs, but find themselves bogged down by handling API integrations, structured data management, error handling, workflow chaining, and tool integrations.
Fraim abstracts all these challenges away, enabling teams to quickly create powerful, custom workflows that output standardized SARIF reports.
Currently, Fraim supports code repositories as input, but we're actively working on additional integrations such as GitHub PRs, VS Code, and more. It's modular by design, so extending it with new workflows or integrations is straightforward.
We're excited to share our initial release and would welcome your feedback, bug reports, and contributions.
Check out Fraim on GitHub: https://github.com/fraim-dev/fraim