Skip to main content
own2pwn

Contextual AI SAST: follow the data flow, not the regexes.

SecAI analyses your code continuously. A deterministic SAST engine traces the data flow from source to sink, then an LLM agent prunes the false positives before they ever reach your backlog. AI application security that also covers dependencies (reachability-based SCA), IaC and secrets in a single scan, correlated into attack paths. Built by an OSWE-certified pentester, hosted in the EU. Pre-launch product: we only describe what already runs today.

Read-only · Hosted in the EU · your code trains no model
Multi-file
Taint tracking from source to sink
GitHub + SARIF
Native CI Action, SARIF export
Hosted in the EU
GDPR, European law, zero training on your code
SAST · TAINT TRACKINGSARIF EXPORTOWASP · CWENATIVE GITHUBOSWE CONSULTANT
We built SecAI the way a pentester reads code in white-box: we follow the data flow to the sink, we don't count patterns.
own2pwn · OSWE-certified pentesterA pentester answers you within 24 h

Clear pricing, no surprises.

Starter
€0
  • 2 repositories
  • Unlimited deterministic pre-pass (SAST, SCA, IaC, secrets)
  • 20 AI validations / month, up to 10 scans per day
  • Scans on push/PR and cron-scheduled
  • HTML report and SARIF export
  • Community support
Start for free
Recommended
Pro
€99 / mo
  • Unlimited repositories
  • 250 AI validations / month, up to 200 scans per day
  • LLM agent verification and attack-path correlation
  • GitHub App, SARIF Action, severity gate and auto-fix PR/MR
  • Slack, webhook and email notifications
  • Extra validation at €0.30 (pay-as-you-go), up to 5 users
Subscribe
Team
€299 / mo
  • Unlimited repositories
  • 750 AI validations / month
  • SSO / SAML and RBAC
  • Priority analysis queue
  • Extra validation at €0.30 (pay-as-you-go)
  • Up to 15 users
Subscribe
Enterprise
Custom
  • Negotiated validation volume
  • SSO / SAML / SCIM, audit logs
  • Self-hosted runner, dedicated deployment
  • Stronger SLA, compliance support (GDPR, ISO, SOC 2)
  • Coupling with own2pwn pentests and EASM
Talk to an expert

What your current SAST costs you.

01

Pattern-based SAST drowns the team

A regex engine flags a line without knowing whether tainted data ever reaches it. The result: hundreds of alerts, mostly false positives, and a team that ends up reading none of them.

02

The backlog fills up, nobody clears it

When one finding in two is wrong, developers close tickets as won't-fix. Real flaws drown in the noise and stay in production, with no clear reason to fix them.

03

Coverage stops when the pentest ends

A human audit is a snapshot at one date. Between two engagements, every commit can reintroduce a flaw, and nothing watches the code until the next report, months later.

From connected repo to a fix in review.

01Connection

1. You connect your repository

GitHub via the GitHub App, GitLab via OAuth or token. Read-only access, scope limited to the repositories you tick. No fork, no commit pushed into your code without your action. Data deletion on request, encryption at rest.

02Analysis

2. SAST follows your data flows

Tree-sitter spots the sensitive sinks, the taint engine walks the source to sink chain, inside a file then across files and modules. The deterministic pre-pass discards unreachable or already sanitized cases before calling the LLM. Every finding shows its full taint chain: you see why it was flagged, not an opaque verdict.

03Verification

3. The agent triages and correlates

A LangGraph agent runs after the SAST to verify the candidates, kill the false positives and link SAST, reachability-based SCA, IaC and secrets into attack paths. The scan runs on every push or pull request and on a cron schedule, so static coverage does not stop between two pentests. To reach a fix, fix-pr opens a PR or an MR that applies the patch in place.

04Remediation

4. Report, SARIF and CI/CD

HTML report, native SARIF export for GitHub Code Scanning, PR or MR comments, Slack alerts, webhook or email. The GitHub Action sets a configurable severity gate in your pipeline. GitLab, Jenkins and self-hosted runners go through the secai CLI. Final human verification remains the business of our OSWE pentests, a separate offering.

The data flow, from source to sink.

We don't flag a line, we follow the data. The engine traces from the attacker-controlled source (a request, a parameter) to the sensitive sink (a SQL query, a system command), across the functions and files of the repo. When a sanitizer breaks the chain, the case is dropped before any model call. When the path stays open, it is shown in full: you see why it's exploitable, not an opaque verdict.

Pattern SAST counts lines. SecAI follows the data.

Pattern SAST
  • Flags a pattern on a line, without context
  • Often stops at the file boundary
  • Drowns the team in false positives
  • One-off audit, re-run by hand
SecAI
  • Follows the data flow, from source to sink
  • Traces the chain across functions and files
  • An agent prunes false positives before the backlog
  • Continuous analysis on every push, PR and cron

What the engine does, in numbers.

Static, zero runtime

SecAI reads your code, it doesn't run it. No DAST, no replay against a live target, no risk to your production. The deterministic pre-pass consumes no validation: only the AI verifier spends budget.

Deep languages
14 languages
Output
SARIF · JSON · HTML
Engine
tree-sitter + taint
Verification
LangGraph agent
AI validations / mo (Pro)
250
Auto-fix
PR / MR
Triggers
push · PR · cron
Runtime
0 (static)

What we do differently from other AI SAST tools.

01

Hosted in the European Union

Your code is stored in the EU (Germany), encrypted at rest, with GDPR purge on request. For analysis, it is sent to Anthropic's Claude models served through Google Cloud Vertex AI in a European region: neither Google nor Anthropic uses your data to train their models. A CISO keeps a clear processing chain to document, without a three-week legal review.

02

Built by an OSWE pentester

SecAI does not come out of a data team. The detection and prioritisation logic comes from real exploitation: what an attacker actually reaches, what deserves a fix, what can be deduced from the code alone. The OSWE certification is precisely about exploiting white-box application vulnerabilities, exactly where SAST plays out.

03

AI to triage, not to chat

The pre-pass is deterministic: tree-sitter spots the sinks, the taint engine walks the data flow to its destination. This step consumes no validation and discards cases with no source or already sanitized before any model call. Only the candidates that survive go to the LLM verifier, which kills the false positives. No chatbot, no opaque verdict: every finding shows its taint chain, so the reason for the flag.

04

Complementary to your pentests, not a replacement

SecAI covers the gap between two audits. Continuous static analysis on every commit and on a cron schedule, while your app changes every day. Human validation remains the business of our pentests, a separate offering signed by a pentester. The tool says so itself: every report recommends a review by a professional. We don't sell an AI that replaces the human, we sell the continuity between their passes.

Your code stays under European law.

  1. 01Hosted in the European Union, under European law
  2. 02Encrypted at rest, GDPR purge on request
  3. 03Read-only, on the scope you choose
  4. 04Zero model training on your code
  5. 05Built by an OSWE-certified pentester

Fits into your CI/CD

GitHub App
GitHub Action
GitLab
Jenkins
CLI secai
SARIF
Slack
Webhook

What you probably want to know.

Which languages and frameworks does SecAI really cover today?+

We cover 19 languages with a taint engine (tree-sitter grammar plus a flow walker), 14 of them in depth: sources, sanitizers and sink rules across several vulnerability classes. The most mature are Python, JavaScript/TypeScript and Java, followed by Go, PHP, Ruby and Kotlin, then C, C++, C#, Rust, Swift, Scala and Bash. On the web-framework side, we recognise the routes and entry points of Django, Flask, FastAPI, Express, NestJS, Next.js, Spring, Laravel, Symfony, Rails and ASP.NET Core, among others. Five languages (Dart, Lua, Perl, PowerShell, R) are parsed but limited to injection and path traversal, with no sanitizers: light support, which we label as such rather than oversell uniform coverage. If your stack is not in the list, write to us: we scope the perimeter before committing to anything.

How does the contextual SAST work, concretely?+

Two stages. First a deterministic pre-pass: tree-sitter spots the sensitive sinks, then a taint engine walks the data flow from its source to the sink, across the functions and files of the repository. Anything with no attackable source or that passes through a sanitization step is rejected right away, without consuming a validation. Only plausible chains survive, and they then go to verification. Every finding shows its full taint chain (source, intermediate steps, sink): you see why it surfaced, not an opaque verdict.

And the AI agent, what does it do exactly?+

It's a static analysis agent orchestrated with LangGraph. A supervisor routes the scan to specialised workers (SAST, SCA, IaC, secrets), and a triage agent re-reads the code findings with AST inspection tools to discard false positives. Let's be clear about one thing: SecAI does not do DAST, does not run your application and does not replay a pentest against a live target. Coverage between two human audits comes from continuous static analysis, triggered on every commit or pull request and via scheduled scans (cron per repository). No runtime, so no risk to your production.

How is it different from Snyk, Semgrep, CodeQL or Checkmarx?+

Classic pattern-based SAST often stops at the file and drowns the team in noise. Here, multi-file taint tracking walks the real data flow, and an AI verifier kills part of the false positives before they land in your backlog. SecAI also correlates SAST, SCA with reachability, IaC and secrets in a single scan, then rebuilds attack paths. We're less exhaustive than the incumbents on exotic languages; our focus is elsewhere: triage, exploitability and correlation into attack paths. And above all, SecAI fits a pentester's logic: it extends coverage, the human keeps the final decision.

Does SecAI replace my human pentest?+

No, and that's not the goal. SecAI provides static coverage continuously between two engagements, where your code moves on every deploy. Human verification remains our pentest offering, separate, run by an OSWE-certified pentester. The SecAI report even states it explicitly: findings must be reviewed by a professional. SecAI and the own2pwn pentest complement each other, they don't substitute for one another.

How do I integrate it into my CI/CD?+

On GitHub, integration is native: GitHub App plus composite GitHub Action, with Code Scanning-compatible SARIF export, a PR comment and configurable blocking beyond a severity threshold (default: fail on high severity). For GitLab, Jenkins or self-hosted runners, the path is the secai-cli (remote or local scan, SARIF/JSON output, same exit codes). GitLab is also supported as a code source (OAuth/PAT, comments and merge request opening). Note, pre-launch product: we do not claim the Action and the CLI are already published on public marketplaces, contact us for early access.

Does my source code leave the EU, and is it used to train a model?+

Storage stays in the EU (Germany), encrypted at rest, with an implemented GDPR purge (deleting a repository or an account, data included). For analysis, the code is sent to Anthropic's Claude models served through Google Cloud Vertex AI in a European region: Google is a provider with a US parent company, covered by standard contractual clauses (GDPR). Neither Google nor Anthropic uses your data to train their models (Vertex AI data governance). Access to your repository is read-only, limited to the perimeter you define.

Can I export the reports, and get them back if I stop?+

Yes. SecAI generates an HTML report, a SARIF export (server and CLI), and pushes the results to where your team works: PR/MR comments, Slack, webhook, email. The SARIF integrates directly into GitHub Code Scanning. If you stop, you export your reports and your data is deletable on request via the GDPR purge routes.

How do validations and pay-as-you-go work?+

The free tier includes 20 AI validations per month (and up to 10 scans per day). The Pro plan includes 250 per month (up to 200 scans per day), the Team plan 750. A validation covers one unit of AI verification: the deterministic pre-pass consumes nothing, only the LLM verifier burns budget. Beyond the plan, each additional validation is billed €0.30 pay-as-you-go, aggregated on the monthly invoice. An estimator gives you the cost before launching a scan (based on code size and entry points), a scan that fails due to an infra incident is refunded, and usage is viewable in real time.

The product is young: what actually runs?+

SecAI is in pre-launch, we own that. Already working: the scan engine (deterministic then AI SAST, SCA with reachability, IaC, secrets), the LangGraph orchestration, the dashboard and the API, the validation system with estimator and refunds, the GitHub and GitLab sources, repository upload or private clone, the CLI, SARIF export, scheduled scans, multi-channel notifications, auto-fix by PR/MR, encryption at rest and GDPR purge. What does not exist and what we won't sell you: DAST, replaying a pentest scope against a live target, and pentester-signed reporting directly in the app (that is our pentest offering, separate). The best way to judge is still early access.

Connect a repo.

You connect a repo read-only, we hand back the real vulnerable data paths, triaged and ready to fix. Product in pre-launch: request early access.