Skip to content
@CodeThreat

CodeThreat

CodeThreat is a static application security testing (SAST) solution. It uses scientifically proven techniques with approximation to analyze a codebase at rest.

CodeThreat SAST

🚀 Roadmap

Our mission is to empower developers with a powerful SAST tool that seamlessly integrates into their workflows, helping them identify and mitigate potential security vulnerabilities from the earliest stages of development.

Our Vision

We envision a world where secure code is not an afterthought but an intrinsic part of every developer's mindset. By building an intelligent SAST Center, we aim to enable teams to proactively detect and address security issues, bolstering the overall security posture of software projects.

🛣️ The Road Ahead

Our roadmap outlines key milestones and enhancements that will shape our app to be more user-friendly and precise about dataflow analysis

  1. Dataflow Engine Improvements: Expand our SAST Center's rule sets to detect even the most complex and elusive security vulnerabilities, tailored to different programming languages and frameworks. We'll be focusing on more advanced dataflow analysis techniques to support more complex code scenerios.

  2. Intelligent Remediation Suggestions: Empower developers with actionable insights by suggesting appropriate fixes and best practices to address identified security flaws.

  3. Enhanced Integrations: Seamlessly integrate with a diverse range of version control systems, issue trackers, and CI/CD tools, providing teams with a unified security experience.

  4. Software Composition Analysis: Developing SCA Module to analyze project metadata and package manager dependencies, enhancing the project overview.

📞 Contact Us

Got questions or suggestions? Reach out to our team at [email protected]. We'd love to hear from you!


Note: This README.md provides a glimpse of our ambitious roadmap. For more detailed technical insights, check out our internal project documentation.

Pinned Loading

  1. IssueBlot.NET IssueBlot.NET Public

    This repository contains a collection of projects written in various frameworks (Core MVC, Core Standalone, NET MVC, NET WCF, NET WebForms) that demonstrate different vulnerabilities.

    C# 1 12

  2. codethreat-github-action codethreat-github-action Public

    CodeThreat GitHub Action integrates with GitHub to perform code security tests on your code. It supports a variety of languages and frameworks, providing detailed security scans to identify potenti…

    JavaScript 4

  3. codethreat-jenkins-plugin codethreat-jenkins-plugin Public

    CodeThreat with Jenkins, allowing you to identify and rectify security issues effectively. The repository also provides a sample Jenkins Pipeline script for your guidance. To use this tool, you nee…

    Java 3 5

  4. FlowBlot.NET FlowBlot.NET Public

    FlowBlot is static code analysis benchmark project by Codethreat, including sink-source challenges grouped into various technical analysis concepts.

    C# 15 20

Repositories

Showing 10 of 11 repositories
  • codethreat-github-action Public

    CodeThreat GitHub Action integrates with GitHub to perform code security tests on your code. It supports a variety of languages and frameworks, providing detailed security scans to identify potential issues.

    CodeThreat/codethreat-github-action’s past year of commit activity
    JavaScript 4 0 1 2 Updated Nov 14, 2024
  • CodeThreat/app-guide’s past year of commit activity
    1 0 0 0 Updated Nov 12, 2024
  • codethreat-azure-plugin Public

    CodeThreat: Advanced Static Analysis for CI/CD. Seamless integration with Azure DevOps, supports .NET assembly scans, and promotes Shift-Left practices

    CodeThreat/codethreat-azure-plugin’s past year of commit activity
    JavaScript 3 LGPL-3.0 0 0 3 Updated Oct 16, 2024
  • CodeThreat/codethreat-cli’s past year of commit activity
    Python 0 MIT 0 0 1 Updated Sep 27, 2024
  • IssueBlot.NET Public

    This repository contains a collection of projects written in various frameworks (Core MVC, Core Standalone, NET MVC, NET WCF, NET WebForms) that demonstrate different vulnerabilities.

    CodeThreat/IssueBlot.NET’s past year of commit activity
    C# 1 MIT 12 0 5 Updated Sep 17, 2024
  • CodeThreat/codethreat-gitlab-plugin’s past year of commit activity
    JavaScript 4 0 0 1 Updated Aug 28, 2024
  • codethreat-jenkins-plugin Public

    CodeThreat with Jenkins, allowing you to identify and rectify security issues effectively. The repository also provides a sample Jenkins Pipeline script for your guidance. To use this tool, you need a CodeThreat account.

    CodeThreat/codethreat-jenkins-plugin’s past year of commit activity
    Java 3 MIT 5 0 6 Updated Aug 28, 2024
  • .github Public
    CodeThreat/.github’s past year of commit activity
    0 0 0 0 Updated Aug 21, 2024
  • FlowBlot.NET Public

    FlowBlot is static code analysis benchmark project by Codethreat, including sink-source challenges grouped into various technical analysis concepts.

    CodeThreat/FlowBlot.NET’s past year of commit activity
    C# 15 GPL-3.0 20 0 0 Updated Feb 9, 2024
  • CodeThreat/ct-vscode-sast’s past year of commit activity
    TypeScript 3 LGPL-3.0 1 0 0 Updated Nov 1, 2023

Top languages

Loading…

Most used topics

Loading…