---
layout: home

hero:
  name: Certifai
  text: AI-Powered Security Compliance
  tagline: Automated SAST, SBOM, DAST, CVE monitoring, and code intelligence for your repositories
  actions:
    - theme: brand
      text: Get Started
      link: /guide/getting-started
    - theme: alt
      text: Features
      link: /features/overview

features:
  - title: Smart Findings with AI Triage
    details: Every finding is triaged by an LLM that considers severity, blast radius, and codebase context. You get a confidence score, rationale, and remediation guidance -- not just raw scanner output.
  - title: SBOM & License Compliance
    details: Full software bill of materials with dependency inventory, vulnerability tracking, license compliance analysis, and export to CycloneDX and SPDX formats.
  - title: Dynamic Testing (DAST)
    details: Black-box security testing of live web applications and APIs. Crawls endpoints, fuzzes parameters, and detects SQL injection, XSS, SSRF, and auth bypass vulnerabilities.
  - title: Code Knowledge Graph
    details: Interactive visualization of your codebase structure. Understand function calls, class hierarchies, and module dependencies at a glance.
  - title: AI-Powered Chat
    details: Ask questions about your codebase using RAG-powered AI. Code is embedded and retrieved contextually to give accurate, source-referenced answers.
  - title: MCP Integration
    details: Expose your security data to LLM tools like Claude and Cursor through the Model Context Protocol. Query findings, SBOMs, and DAST results from any MCP-compatible client.
---