Detect, track, and fix code security vulnerabilities anywhere in the development cycle using ML and automated reasoning
Vendor
Amazon Web Services (AWS)
Company Website
Find your most expensive lines of code
Detect security vulnerabilities at any stage of the development lifecycle
Amazon CodeGuru Security is a static application security testing (SAST) tool that combines machine learning (ML) and automated reasoning to identify vulnerabilities in your code, provide recommendations on how to fix the identified vulnerabilities, and track the status of the vulnerabilities until closure. Amazon CodeGuru Profiler helps developers find an application’s most expensive lines of code by helping them understand the runtime behavior of their applications, identify and remove code inefficiencies, improve performance, and significantly decrease compute costs.
Benefits of CodeGuru Security
Detect vulnerabilities at any stage of the development workflow
The CodeGuru Security API-based design provides integration capabilities to use at any stage of the development workflow. Whether your organization adheres to the “shift left“ or “shift right” ideology, CodeGuru Security plugs into your continuous integration and delivery (CI/CD) tooling to help you identify vulnerabilities in your application code.
Reduce false-positive detections
False positives cost you money by diverting engineering resources to findings that are found not to be vulnerabilities after review. By performing deep semantic analysis, CodeGuru Security detects vulnerabilities with a high precision, significantly reducing the number of false positives. This frees up engineering teams to focus on building applications for your organization.
Automatically track bug closure
The CodeGuru Security bug-tracking feature automatically detects when a bug is closed. The bug-tracking algorithm ensures that you have up-to-date information on your organization's security posture without additional effort. You focus on what matters to you, and CodeGuru Security takes care of the rest.
Start immediately without VM provisioning
There is no need to provision virtual machines (VMs) to run CodeGuru Security. Just integrate CodeGuru Security with your tooling, and it will scale up and down with your workload.