Use this template
Open OWASP Security Hardening in Devin and create the automation with the default configuration. You can customize it before saving.
What this automation does
The OWASP Top 10 is the industry baseline for web application security, but most teams don’t have the time to audit against it regularly. This automation does it for you: weekly scans, prioritized findings mapped to each OWASP category, and actionable fix PRs for the issues Devin can safely remediate.
How it works
Trigger: Schedule event — recurring
- Event: schedule:recurring
- Conditions: rrule matches FREQ=WEEKLY;BYDAY=MO;BYHOUR=9;BYMINUTE=0
Prerequisites
- Integrations:
Example prompt
The template ships with this prompt. You can edit it after clicking Use template, or leave it as-is.
Setting it up
- Open Automations → Templates in Devin.
- Click OWASP Security Hardening. The create page opens with this template pre-filled.
- Connect any required integrations and install MCP servers if you haven’t already.
- Replace any placeholder values in the trigger conditions (for example, swap your-org/your-repo for your actual repo).
- Review the prompt and adjust it for your team’s language, conventions, and guardrails.
- Click Create automation.
When to use this template
- Pre-SOC 2, ISO 27001, or HIPAA audit preparation
- Customer security review response
- Ongoing security posture maintenance
- Proactive hardening before exposure to untrusted traffic
Customization ideas
- Focus on specific OWASP categories (e.g. A01, A03, A07)
- Scope to specific repos or services (public-facing vs internal)
- Cross-reference with penetration test findings
- Integrate with your compliance platform for evidence collection
