---
layout: home

hero:
  name: Compliance Scanner
  text: AI-Powered Security Compliance
  tagline: Automated SAST, SBOM, DAST, CVE monitoring, and code intelligence for your repositories
  actions:
    - theme: brand
      text: Get Started
      link: /guide/getting-started
    - theme: alt
      text: Features
      link: /features/overview

features:
  - title: Static Analysis (SAST)
    details: Automated security scanning with Semgrep, detecting vulnerabilities across multiple languages including OWASP patterns, GDPR issues, and OAuth misconfigurations.
  - title: SBOM & License Compliance
    details: Full software bill of materials with dependency inventory, vulnerability tracking, license compliance analysis, and export to CycloneDX/SPDX formats.
  - title: Dynamic Testing (DAST)
    details: Black-box security testing of live web applications and APIs. Crawls endpoints, fuzzes parameters, and detects SQL injection, XSS, SSRF, and auth bypass vulnerabilities.
  - title: Code Knowledge Graph
    details: Interactive visualization of your codebase structure. Understand function calls, class hierarchies, and module dependencies with community detection.
  - title: Impact Analysis
    details: When a vulnerability is found, see exactly which entry points and call chains are affected. Understand blast radius before prioritizing fixes.
  - title: AI-Powered Chat
    details: Ask questions about your codebase using RAG-powered AI. Code is embedded as vectors and retrieved contextually to give accurate, source-referenced answers.
---