Corgea - Ship fast without worrying about security

Corgea helps developers ship fast without worrying about security. It is an AI-powered developer platform that automatically finds and fixes insecure code. Sign up today for free to try Corgea.

Oh yea! This could really benefit vibe coders! I saw a couple of tweets of builders/makers having to rewrite their whole products due to compromised security. Great one

 Thanks! You hit the nail on the head! We're seeing vibe coders use Corgea to prevent being in that exact situation. It's a security agent for your coding agents.

   Precisely as you stated. Now builders don't have to worry about having security issues in their products. Amazing!!!

Very cool idea! Love that you’re tackling security in the dev workflow before it becomes a post-deploy nightmare.

Curious if there’s a way to expose any of these checks via webhook or API? Could be fun to integrate with something like buildform - we’re seeing dev teams use it to build quick internal tools, and it’d be slick to have auto-security validation baked into the form logic layer.


Congrats on the launch! 🛡️

 Thank you Harsha! You're absolutely correct, catching these before is much easier to correct.


Yes, you can absolutely perform these checks using our CLI and APIs.


🚀 Hello Product Hunt! We’re thrilled to introduce Corgea 🐕 – the AI-powered developer platform that automatically finds and fixes insecure code. 🛠️


Why Corgea?

Developers just want to ship code without worrying about security. Traditional tools miss a lot of vulnerabilities and don’t help fix issues when they're found. Corgea changes that. Instead, Corgea uses LLMs to review your code to find vulnerabilities, and writes the security fix for you to approve.


What makes Corgea special?

🔍 Finds what matters: Corgea detects business logic flaws, API security issues, broken auth and critical vulnerabilities that are often missed.
🪄 Fixes the code for you: AI-generated fixes allow developers to fix security flaws instantly within their workflows.
🚫 No more alert fatigue: Our AI automatically triages findings, filtering out false positives and low-priority vulnerabilities.
🔗 Integrates where you work: Works seamlessly with GitHub, GitLab, Azure DevOps, IDEs, and CI/CD pipelines.
🦺 Built for real-world security: Corgea supports 900+ CWEs across Python, JavaScript, TypeScript, Ruby, Go, Java, Kotlin, C, C++, PHP, C#, and their frameworks.


Hundreds of users are signing up, and feedback has been phenomenal. Our team is shipping fast, constantly improving detection and fix capabilities.


🔥 Exclusive for the PH Community! 🔥
Get 50% off our plans if you sign up in April to Mid-May! Secure your spot now:

Thank you for hunting us!

Really nice idea. How long does it take to scan a larger project, e.g. 6k+ source files?

 Thanks! It's very fast ~1 million lines of code in 20 mins. We don't need to scan all files. Corgea intelligently gathers the right context and skips files that aren't source code or are relevant like migrations. Give it a try and let me know.

Very useful one for developers and owners. Does it only check when you take a pull request, or does it solve errors based on the entire codebase?

 Thanks! You can do both on PR and full codebase scan.

 this is amazing

An interesting concept. Upvoted and bookmarked. Good luck with the launch, team.

 thank you!

Congratulations on the launch of Corgea! This platform addresses a crucial need for developers to balance speed and security. How does Corgea’s AI identify and prioritize vulnerabilities in code, and what is the process for fixing them automatically?

 Thanks! Great questions:

1- Corgea uses LLMs as part of its scanning process which helps it understand meaning and context to identify vulnerabilities, which is why we're able to detect vulnerabilities that were previously undetectable. This is a
2- For auto-fixing, we spent a crazy amount of time building a robust pipeline with LLMs and static analysis to make sure quality was over 90% which is why we were named

Looks super helpful for devs trying to balance speed and security. How customizable is the tool when it comes to fixing code - can users review and approve changes before they’re applied?

 Thanks! We never merge code automatically and you can definitely customize and approve the changes before they're applied.

I think a product like this will fit directly into a vibe coder's toolkit - much needed. Am curious though - as someone non-technical, are there ways you've built in that I can trust that your AI hasn't introduced different issues while trying to fix issues introduced by another AI that wrote the original code :)

 thanks! that's definitely a great question. We've built a pipeline to focus on quality and helping ensure things don't break along the way. However, there are certain pieces of context we don't have and we recommend reviewing the changes before applying them.

So interesting team!!!

 thanks!
