Corgea helps developers ship fast without worrying about security. It is an AI-powered developer platform that automatically finds and fixes insecure code. Sign up today for free to try Corgea.
How do you balance the use of and the reliance on the security software with encouraging the developers to still do their diligence? Cybersecurity is a constantly evolving field where the good guys end up playing the catch-up game. There is no guarantee that 100% of security will be covered by a tool like this.
Replies
SyncSignature
Oh yea! This could really benefit vibe coders! I saw a couple of tweets of builders/makers having to rewrite their whole products due to compromised security. Great one @garrytan @ahmad_sadeddin @adambronte @tamara_abualhsan
Corgea
@neelptl2602 Thanks! You hit the nail on the head! We're seeing vibe coders use Corgea to prevent being in that exact situation. It's a security agent for your coding agents.
@neelptl2602 @ahmad_sadeddin Precisely as you stated. Now builders don't have to worry about having security issues in their products. Amazing!!!
Very useful one for developers and owners. Does it only check on a pull request, or does it solve errors based on the entire codebase?
Corgea
@replibee thanks! you can do both on PR and full codebase scan.
@ahmad_sadeddin this is amazing
Typeform Alternative By Buildform
Very cool idea! Love that you’re tackling security in the dev workflow before it becomes a post-deploy nightmare.
Curious if there’s a way to expose any of these checks via webhook or API? Could be fun to integrate with something like buildform - we’re seeing dev teams use it to build quick internal tools, and it’d be slick to have auto-security validation baked into the form logic layer.
Congrats on the launch! 🛡️
Corgea
@stanlyya thank you Harsha! You're absolutely correct, catching these before is much easier to correct.
Yes, you can absolutely perform these checks using our CLI and APIs.
https://docs.corgea.app/cli
https://docs.corgea.app/new_api
Corgea
🚀 Hello Product Hunt! We’re thrilled to introduce Corgea 🐕 – the AI-powered developer platform that automatically finds and fixes insecure code. 🛠️
Why Corgea?
Developers just want to ship code without worrying about security. Traditional tools miss a lot of vulnerabilities and don’t help fix issues when they're found. Corgea changes that. Instead Corgea uses LLMs to review your code to find vulnerabilities, and writes the security fix for you to approve it.
What makes Corgea special?
🔍 Finds what matters: Corgea detects business logic flaws, API security issues, broken auth and critical vulnerabilities that are often missed.
🪄 Fixes the code for you: AI-generated fixes allow developers to fix security flaws instantly within their workflows.
🚫 No more alert fatigue: Our AI automatically triages findings, filtering out false positives and low-priority vulnerabilities.
🔗 Integrates where you work: Works seamlessly with GitHub, GitLab, Azure DevOps, IDEs, and CI/CD pipelines.
🦺 Built for real-world security: Corgea supports 900+ CWEs across Python, JavaScript, Typescript, Ruby, Go, Java, Kotlin, C, C++, PHP, C#, and their frameworks.
Hundreds of users are signing up, and feedback has been phenomenal. Our team is shipping fast, constantly improving detection and fix capabilities.
🔥 Exclusive for the PH Community! 🔥
Get 50% off our plans if you sign up in April to Mid-May! Secure your spot now: https://corgea.app
Thank you @garrytan for hunting us!
DocsHound
Really nice idea. How long does it take to scan a larger project eg 6k+ source files?
Corgea
@k_piotr Thanks! It's very fast: ~1 million lines of code in 20 mins. We don't need to scan all files. Corgea intelligently gathers the right context and skips files that aren't source code or are relevant like migrations. Give it a try and let me know.
Looks super helpful for devs trying to balance speed and security. How customizable is the tool when it comes to fixing code - can users review and approve changes before they’re applied?
Corgea
@antonyo_demydov thanks! We never merge code automatically and you can definitely customize and approve the changes before they're applied.
I think a product like this will fit directly into a vibe coder's toolkit - much needed. Am curious though - as someone non-technical, are there ways you've built in that I can trust that your AI hasn't introduced different issues while trying to fix issues introduced by another AI that wrote the original code :)
Corgea
@ragsontherocks thanks! that's definitely a great question. We've built a pipeline to focus on quality and helping ensure things don't break along the way. However, there are certain pieces of context we don't have and we recommend reviewing the changes before applying them.
An interesting concept. Upvoted and bookmarked. Good luck with the launch, team @Corgea
Corgea
@taniabell thank you!
Congratulations on the launch of Corgea! This platform addresses a crucial need for developers to balance speed and security. How does Corgea’s AI identify and prioritize vulnerabilities in code, and what is the process for fixing them automatically?
Corgea
@ica_lestari Thanks! Great questions:
1- Corgea uses LLMs as part of its scanning process which helps it understand meaning and context to identify vulnerabilities, which is why we're able to detect vulnerabilities that were previously undetectable. This is a great article that shows that.
2- For auto-fixing, we spent a crazy amount of time building a robust pipeline with LLMs and static analysis to make sure quality was over 90% which is why we were named the leader in this report.
Corgea
@german_merlo1 thanks!
Automated security fixes are critical; I like this! 👍
Corgea
@shenjun thanks! Please give it a try and let us know what you think.
Have seen some really terrible security incidents at some of the renowned brands - Issue? - Vulnerabilities were found in their code, especially the ones that should've been there already.
DevSecOps should be adopted as a Default, not an option, by every company that's developing any kind of apps today. Now with Vibe Coding, this can come in extremely handy!
A much-needed mission, after all. Great work, team @Corgea! @ahmad_sadeddin
Corgea
@pj_vm absolutely, and we've seen these incidents time and time again unfortunately. Thanks for the comment!
This is a brilliant idea!
With vibe coding becoming so popular these days, I can see this bringing significant improvements on the security front too.
It really feels like a whole new experience. Congrats on the launch!
Corgea
@kay_arkain thank you! Appreciate the support.
OpenArt.ai
Congrats on the launch Corgea :))
Corgea
@hehe_z thank you! appreciate it
Sure gonna try once.
Corgea
@aryan_2002 please do! thanks
Interesting promise. How does Corgea balance between speed and security depth? Fast scans are great, but do they catch the edge cases that seasoned security audits usually flag?
Corgea
@shreyans_assistiv Corgea can process ~1 million lines of code in about 20 mins using LLMs. That's part of our unique offering: we don't compromise between speed and depth.