Develop Easier, Faster, and Secure Cloud Native Applications

Visualize, analyze and secure the cloud resources and data-flows
of your code with every change.

SIGN UP FOR FREE
...

> Automated AWS Resource Diagrams

Visualize your Infrastructure & Data Flow

Get an overview of which JSON objects and data your AWS resources exchange. CodesShield generates easy to understand architecture diagrams directly from your SAM, CloudFormation files and source code.
Use them to easily troubleshoot API and security issues, verify your implementation or visualize your architecture for QA and audits.

To provide detailed insights, CodeShield applies static-analysis to track the data flow between your Lambda functions and the cloud infrastructure.

Learn more
Dashboard visualizing AWS resources Dashboard visualizing data flow between resources

user:~$ OWASP SAS-10 Security Analysis

Follow the Data within your AWS Infrastructure - Across Events, Lambdas, and Tables.

Know your sensitive data-flows better than your attacker. Detect event-data injections during development.

CodeShield discovers OWASP SAS-10 vulnerabilities even if they span across multiple functions. Vulnerabilities are visualized in your architecture and your code.

Learn more
Dashboard with security warnings

Open-Source Security_

Manage your Open-Source Dependencies

Get informed about known vulnerabilities in used open-source software immediately.

CodeShield detects known vulnerabilities (CVEs) in the used open-source software, assesses their risk, and suggests updates.

Learn more
Dashboard visualizing AWS resources Dashboard suggest fix for vulnerable OSS dependencies

Leverage your Technologies

AWS SAM

AWS Cloud

Connect CodeShield to your AWS Cloud API.

AWS SAM

AWS SAM

Analyse the configuration of your AWS Serverless Application Model (SAM) files.

AWS CloudFormation

AWS CloudFormation

Analyse the configuration of your AWS CloudFormation files.

Java

Java

Run code analysis on your Java source-/bytecode.

JavaScript

Node.js

Run code analysis on your node.js code.

GitHub

GitHub

Integrate with GitHub.

Recent Posts

Read more

How to Prevent Code Injection Vulnerabilities in Serverless Applications (Part 2/2)

By Manuel Benz on February 8, 2021

This article is part two of a series on how to prevent code injection attacks against Serverless applications using AWS Web application firewalls.

Read more

How to Prevent Code Injection Vulnerabilities in Serverless Applications (Part 1/2)

By Manuel Benz on November 25, 2020

This article is part one of a series on how to prevent code injection attacks against Serverless applications using AWS Web application firewalls.

Read more

ServerlessGoat Java

By Andreas Dann on November 6, 2020

We released an Java adaption of the OWASP Serverless Goat in our GitHub Repo.

Read more

The Myth of False Positives in Static Application Security Testing

By Johannes Späth on October 26, 2020

In this article, we explain the myth behind false positives and discuss two types of false positives.

Supporter

Secure your Cloud Native Application now!

SIGN UP