Platform Capabilities

AI-Powered Security forComplete Visibility

From malicious-code & backdoor hunting to deep AI audits, supply-chain analysis, custom Semgrep rules, and MCP-powered AI assistant integration

GitHub App Integration

First-Class GitHub App

Install the Guardian GitHub App for fine-grained, tokenless repository access. Automatic webhook-driven scans on every push and pull request event. Full OAuth installation flow with zero PAT management overhead.

  • GitHub App - One-click OAuth installation with fine-grained permissions
  • Webhook Events - Automatic scans on push, PR, and installation events
  • Tokenless Access - Short-lived JWT tokens, no PATs to rotate
  • Enterprise Ready - GitHub.com and GitHub Enterprise Server support
  • PAT Fallback - Personal Access Token auth for other VCS platforms
Guardian GitHub App
1Install App
2OAuth Callback
3Auto Scanning
push → scan triggered
pull_request → scan triggered
installation → repos synced
Dependency Discovery

Multi-Ecosystem Support

Parse dependency files from all major package ecosystems. We extract exact versions from lock files when available for precise vulnerability matching.

  • go.mod / go.sum - Go modules
  • package.json / yarn.lock / pnpm-lock.yaml - Node.js (npm, yarn, pnpm)
  • requirements.txt / Pipfile.lock - Python
  • Cargo.toml / Cargo.lock - Rust
  • pom.xml / build.gradle - Java
  • Dockerfile / docker-compose.yml - Container images & packages
  • Makefile / .mise.toml - Tool versions
Go
npm
PyPI
Cargo
Maven
Docker
Vulnerability Intelligence

Multi-Source Vulnerability Database

Aggregated vulnerability data from three trusted open-source databases. Package-level vulnerabilities from GitHub Advisory Database (GHSA) and Google OSV, enriched with detailed CVE information from NIST NVD.

  • GitHub Advisory Database (GHSA) - Curated security advisories for open-source packages
  • Google OSV - Distributed vulnerability database for open-source ecosystems
  • NVD - CVSS v3 scoring, CPE matching, and detailed vulnerability context
  • Automatic version range analysis and affected package detection
  • Daily synchronization across all sources
12 Critical
47 High
156 Medium
892 Low
Alerting

Instant Notifications

Get notified the moment a new vulnerability affects your tracked versions. Configure alert rules by severity, ecosystem, or project.

  • Email notifications
  • Slack webhooks
  • Configurable severity thresholds
  • Project-specific rules
New Vulnerability Alert
CVE-2024-1234 affects express@4.17.1
Severity: High
Compliance

SBOM Generation

Generate Software Bill of Materials in industry-standard formats. Perfect for compliance requirements and supply chain transparency.

  • CycloneDX 1.4+ JSON/XML
  • SPDX 2.3 JSON format
  • One-click export
  • API-accessible
CycloneDX
Components: 247
Export JSON
Code Security

SAST Scanning

Static Application Security Testing with 15+ integrated security scanners. Find vulnerabilities in your source code before they reach production. Automatic deduplication by CWE and location.

  • gosec, semgrep, bandit, bearer, grype, trivy
  • checkov, kubesec, kube-score, detect-secrets
  • npm audit, cve-bin-tool (12 tools total)
  • CWE and CVE correlation
  • Parallel scanning with smart deduplication
SAST Results
3 Critical
12 High
47 Medium
15 tools scanned
AI-Powered

Intelligent Security Analysis

Leverage AI to cut through the noise. Automatically review findings for real-world exploitability, generate executive security reports, and create project-specific security rules.

  • Finding Review - AI analyzes SAST findings to identify false positives vs true vulnerabilities
  • CVE Impact Assessment - Evaluate real-world exploitability based on attack vectors and context
  • Security Report Generation - Create comprehensive incident and scan reports with remediation guidance
  • Impact Summaries - Executive-level summaries explaining security posture in plain language
  • Custom Semgrep Rules - AI generates project-specific security rules based on codebase analysis
AI Analysis
24 findings reviewed
8 false positives identified
16 true positives confirmed
Generate Report
MCP Server

AI Assistant Integration

A full Model Context Protocol server with 33 tools, 2 resources, and 3 guided prompts. Let Claude Code, Cursor, Windsurf, or any MCP-compatible AI assistant directly query vulnerabilities, trigger scans, create fix PRs, and manage your security posture conversationally.

  • 16 Query Tools - Explore org overview, project details, dependencies, vulnerabilities, SAST findings, alerts, CVE info
  • 6 Analysis Tools - PoC generation, license compliance, security report generation, SBOM export
  • 11 Action Tools - Create fix PRs, trigger scans, manage alerts, create incidents, import projects
  • Guided Prompts - Security triage, project review, and license compliance audit workflows
  • JWT Auth - Per-org MCP enablement with full role-based access control
MCP Server
16Query
6Analysis
11Action
Claude CodeCursorWindsurf
New · Supply-Chain Security

Malicious Code & Backdoor Detection

Beyond CVE matching, Guardian hunts for backdoors, implants, and supply-chain compromises. Four pure-Go deterministic detectors run on every scan with zero external dependencies, plus a dedicated adversarial AI red-team agent that investigates suspicious patterns with the same mindset as a malware analyst.

  • Typosquatting Detection — Levenshtein distance against bundled top-1000 popular package lists for npm, PyPI, Go, RubyGems, Crates, and Maven
  • Install-Hook Abuse — Flags preinstall/postinstall/prepare scripts running curl|sh, eval-base64, or reverse shells; setup.py exec-base64; Gemfile direct git sources
  • Committed Binaries & YARA — PE/ELF/Mach-O magic-byte detection with SHA256 hashing; optional YARA pass over committed blobs to match known malware families
  • Supply-Chain CI Patterns — Dockerfile curl|sh, GitHub Actions Pwn-Request (the tj-actions/changed-files compromise vector), secret-curl exfiltration, mutable @main/@master action refs
  • Source Backdoor Signatures — PHP webshells (eval($_POST)), Python reverse shells, JS eval(atob(...)), bash /dev/tcp shells, Trojan Source bidi codepoints (CVE-2021-42574), env-exfil patterns
  • AI Red-Team Investigator — Adversarial agent referencing real-world incidents (event-stream, ua-parser-js, Codecov, tj-actions, XZ utils) returns a typed verdict: clean / suspicious / malicious
Malicious Code & Supply-Chain Risk
AI VerdictSUSPICIOUS
Workflow uses pull_request_target with PR-HEAD checkout, and a postinstall hook fetches an unverified remote shell.
GHA Pwn Request — .github/workflows/ci.yml
Install-hook curl|sh — package.json
Typosquat: loadsh ~ lodash
Committed binary — vendor/install.exe
4 detectors+ AI red-team
AI Audit

Deep AI Security Audit

A specialized AI agent with code exploration tools performs comprehensive source code analysis using a 3-phase methodology. Finds logic flaws, race conditions, and insecure design patterns that automated SAST tools cannot detect.

  • Phase 1: Reconnaissance - Maps project structure, identifies entry points, security-critical areas
  • Phase 2: Code Analysis - Examines auth, access control, data handling, cryptography, database access
  • Phase 3: Logic Review - Business logic flaws, race conditions, TOCTOU bugs, insecure design patterns
  • Configurable Focus - Target auth, injection, crypto, data exposure, logic, or all areas
  • Fix PR Generation - AI generates pull requests to fix discovered audit findings
AI Security Audit
Reconnaissance
Code Analysis
Logic Review
Race condition in balance check
Auth bypass in webhook handler
Missing rate limiting on API
Confidence: High
AI Assessment

AI Vulnerability Assessment

Every SAST finding and CVE alert is reviewed by AI for real-world exploitability. The system clones your repo, analyzes actual code paths, and determines whether vulnerable functions are truly reachable -- eliminating noise so you focus on what matters.

  • Relevance Scoring - 0.0 to 1.0 score based on code reachability and attack vector analysis
  • False Positive Detection - Identifies test files, dead code, sanitized inputs, framework protections
  • Dependency Usage Analysis - Checks if vulnerable functions are actually called in your code
  • PoC Generation - Creates proof-of-concept exploits to validate true threats
  • Auto Review - Automatically reviews all critical/high findings during scans
Vulnerability Assessment
47Reviewed
12True Positives
31False Positives
4Investigate
Relevance: 0.87
Custom Rules

AI Semgrep Rule Generation

A multi-agent AI pipeline generates custom Semgrep rules tailored to your exact codebase. Organization-level rules from natural language descriptions, plus project-specific rules that target your frameworks, APIs, and security patterns.

  • 4-Agent Pipeline - Analysis, Implementation, Verification, and Fix agents collaborate to produce valid rules
  • Project-Specific Rules - AI analyzes your codebase to generate 3-8 targeted rules per project
  • Per-Project Config - Granular control: enable/disable rule groups, cherry-pick individual rules, override group defaults
  • Batch Generation - Describe complex security patterns in natural language, AI breaks them into individual rules
  • Auto-Validation - Every generated rule is validated with semgrep --validate and auto-fixed if needed
Custom Semgrep Rules
Analyze
Implement
Verify
Fix
id: auth-bypass-check
severity: ERROR
languages: [go]
message: Missing auth middleware
ValidatedAI Generated
Attack Surface

Asset Monitoring

Monitor your external attack surface with passive DNS-based discovery. Automatically find subdomains, track live domains, and maintain visibility into all your internet-facing assets.

  • Passive DNS Discovery - Find subdomains without active scanning using historical DNS data
  • Live Domain Probing - Automatically check which discovered domains are active and responding
  • IP Resolution - Resolve and track IP addresses for live domains
  • Host Tracking - Maintain an inventory of all hosts associated with your projects
  • Continuous Monitoring - Scheduled discovery and probing keeps your asset inventory current
Asset Discovery
12 subdomains found
8 live domains
15 hosts tracked
*.example.com
Incident Response

Incident Management

Track and manage security incidents from detection to resolution. Link vulnerabilities to incidents, maintain timelines, and coordinate response efforts across your team.

  • Incident Lifecycle - Track incidents through open, investigating, mitigating, resolved, and closed states
  • Alert Linking - Connect vulnerability alerts to incidents for full context
  • Timeline Tracking - Maintain a detailed timeline of all incident actions and updates
  • Assignment & Ownership - Assign incidents to team members for clear accountability
  • AI-Enhanced Reports - Generate comprehensive incident reports with remediation guidance
Incident Tracker
2 Open
1 Investigating
5 Resolved
View Timeline
Enterprise

Teams & Organizations

Manage access and collaboration at scale with multi-tenant organizations, team-based permissions, and role-based access control.

  • Multi-Tenancy - Isolated organizations with separate projects, users, and settings
  • Team Management - Organize users into teams with leads and members
  • Role-Based Access - Admin, member, and viewer roles with granular permissions
  • Project Access Control - Control which teams can access specific projects
  • SSO Integration - Sign in with Google or GitHub for seamless authentication
Team Access
3 Teams
12 Members
8 Projects
Google SSOGitHub SSO
Executive Reporting

AI-Powered Security Reports

Generate comprehensive security reports with AI-written executive summaries, risk assessments, and prioritized remediation guidance. Organization-wide reports aggregate findings across all projects for board-level visibility. Per-project reports provide detailed scan analysis.

  • Organization Reports - Aggregated security posture across all projects with top risks and recommendations
  • AI Executive Summary - Plain-language security overview, risk assessment, and prioritized action items
  • Validity Review - AI assesses each finding as true/false positive with relevance scores
  • Impact Analysis - AI-generated impact summaries explaining business risk of findings
  • Multi-Format Export - Professional PDF and Markdown output with email delivery support
Security Report
Executive Summary
Risk Assessment
Top Risks by Project
Recommendations
PDFMarkdownEmail

Ready to Get Started?

Connect your first project in under 5 minutes.

View PricingGo to Dashboard
Solution Whitepaper

Download the Guardian Whitepaper

Application security platform covering malicious-code & backdoor detection, supply-chain analysis, SAST, AI-powered auditing, and MCP integration.

By downloading, you agree to receive product updates. Unsubscribe anytime.

Technical deep-dive
Architecture overview
Pricing & plans