Safe and Secure Static Code Analysis

SAST: OWASP and CWE

Enforce OWASP 10, MITRE CWE, CWE/SANS Top 25

With Codiga, ensure that every code change is safe.

Codiga checks your code in real time in the IDE and at each code change in your CI/CD pipelines. Codiga implements code analysis rules for all major standards and follows software practices such as OWASP10 and CWE/SANS Top 25.

SQL injection

SQL injections are still very common and cause database corruption.

Examples of rules

mysql-injection.py

Secrets detection

Codiga detects leaked secrets (API tokens, SSH keys, AWS access keys) in your codebase.

Examples of rules

secret-detection.py

Insecure deserialization

Unsafe deserialization causes arbitrary code execution in your software.

Examples of rules

insecure-deserialization.py

Security misconfiguration

Misconfigured infrastructure may expose your data and code to attackers. Protect your code and ensure your configuration is safe.

Examples of rules

Coming soon

Code injection

Shell and arbitrary code injection compromise your system security. Avoid code injection at each code change.

Examples of rules

code-injection.py

Data exposure

Misconfigured applications or open endpoints expose your data to attackers.

Examples of rules

data-exposure.py

Access control

Incorrect access control lets unauthorized users access data and control your system.

Examples of rules

Coming soon

Memory error

Buffer overflows and memory corruption are among the most common errors and must be avoided.

Examples of rules

Coming soon

Input validation

Enforce input validation in your application to prevent users from compromising your system with invalid inputs.

Examples of rules

python-flask-form-validation.py

Real-Time security in your IDE and CI/CD pipelines

Codiga inspects your code in the IDE and reports security issues covering OWASP10, CWE-25 and Sans-CWE25.

Install Codiga for your IDE

Merge with confidence

Codiga analyzes each code change and reports major security issues that may have been introduced. Avoid any security issues in production code and merge with confidence with Codiga.

Get Codiga for your code platform

Secure by default

Codiga never stores your source code in its infrastructure. All customer data is encrypted and stored securely. Codiga has been audited and achieved SOC-2 Type I compliance in accordance with the American Institute of Certified Public Accountants (AICPA) standards for SOC for Service Organizations.

Learn More

We support the most popular languages and libraries