Start with the pressure: sales, launch, abuse, agents, data, or guardrails
SecEng Workbench · AI Attack-Path SAST
Scan code, prompts, RAG, agents, MCP, tool-calling systems, and CI/CD for source-to-sink AI attack paths teams can fix. SecEng Code Scanner groups source/sink signals into AI attack paths, produces safe validation plans, exports SARIF, VS Code, Jira, and Markdown evidence, and supports buyer or marketplace review without overstating exploitability.
AI-native SAST
Static signals grouped into attack paths instead of noisy line-by-line findings.
MCP / RAG / agents
Targets LLM apps, RAG workflows, browser agents, AI coding agents, and tool-calling systems.
SARIF / VS Code / Jira
Exports developer-ready diagnostics, tickets, and evidence with the language teams already use.
Marketplace-ready evidence
Supports AppExchange, AgentExchange, Splunkbase, GitHub, VS Code, and CI readiness workflows without claiming certification.
Early access
Licensed tooling plus Workbench-backed delivery for teams that need speed now.
SecEng Code Scanner
Attack-path SAST
Static signals grouped into source → sink → missing-guard paths.
Attack-path evidence
Validation evidence for app review, pre-submission, and buyer security review.
CVE candidate triage
Rank likely research candidates without overstating exploitability.
Developer exports
SARIF, VS Code diagnostics, Jira tickets, Markdown, and control matrices.
Marketplace readiness
Evidence for app review, buyer review, and submission blockers
CVE candidate triage
Rank likely research candidates without overclaiming
SARIF / VS Code / Jira
Developer exports and remediation queues
Core capabilities
Identify MCP servers, RAG systems, browser agents, AI coding agents, tool-calling apps, AI gateways, and model supply-chain surfaces before scanning deeper.
Extract entrypoints, sources, sinks, guards, missing controls, framework signals, and path context from AI code.
Compress noisy static findings into prioritized AI attack paths: model/tool/source/sink/guard relationships that engineering teams can review and fix.
Separate vulnerability candidates from commercial control gaps, test-only noise, and low-context static signals.
Generate mock-first harness plans for MCP tools, browser actions, RAG tenant boundaries, model JSON dispatch, prompt logging, and unsafe render paths.
Export SARIF, VS Code diagnostics, Jira-ready tickets, disclosure case drafts, control matrices, and buyer evidence packages.
Evidence & signals
Risk classes
Code Scanner looks for the places where AI code creates delegated action, data exposure, unsafe rendering, policy bypass, or evidence gaps. The output is not a pile of raw static findings. It is a review path.
MCP tool side effects without approval
Browser-agent actions without domain or action policy
RAG/vector retrieval without tenant boundaries
Model-generated JSON controlling trusted actions
Prompt, log, trace, and cache exposure before redaction
Streaming model output rendered as unsafe HTML or markdown
AI gateway auth, budget, and model-policy gaps
Unsafe model artifact loading and unpinned supply-chain paths
Missing forensic evidence for AI actions
Outputs
The deliverable set is built for engineering, pre-submission validation, buyer security review, and disclosure triage when the evidence supports it.
AI Code Attack-Path Report
CVE Candidate Register
Safe Validation Plan
Harness Plan
Disclosure Case Draft
Developer Export & Remediation Evidence Pack
Pre-Submission Evidence Pack
Control Matrix
Jira Tickets
VS Code Diagnostics
SARIF
Differentiation
Classic SAST emits findings. SecEng Code Scanner emits AI attack paths: where model output, tools, source data, sinks, and missing guards combine into reviewable risk.
Generic SAST: dangerous calls. SecEng Code Scanner: model/tool/source/sink/guard paths.
Generic SAST: raw findings. SecEng Code Scanner: prioritized AI attack paths.
Generic SAST: generic remediation. SecEng Code Scanner: Jira-ready fixes and control evidence.
Generic SAST: pass/fail output. SecEng Code Scanner: validation plans, CVE candidates, and marketplace evidence.
Evidence levels stay explicit
SecEng Code Scanner does not claim every static result is exploitable. Findings are labeled by evidence level so product, security, legal, and engineering teams know what can be said, what needs validation, and what belongs in a private remediation backlog.
CVE-likelihood scoring identifies candidates for private validation and pre-disclosure review. It does not constitute a CVE assignment, official vulnerability confirmation, or disclosure recommendation. Human review by a qualified practitioner is required before any submission to a CVE numbering authority or public disclosure program.
Pre-submission and review evidence
Use Code Scanner for pre-submission evidence packs, submission blocker reports, buyer security review artifacts, and remediation planning for AI-enabled apps, managed packages, partner apps, extensions, and integrations.
It supports pre-submission and validation workflows. It does not replace official Salesforce, Splunk, GitHub, AWS, partner, or marketplace security review.
Architecture
SecEng Code Scanner combines native AI security rules, source-context enrichment, path grouping, validation planning, and evidence export. It can also ingest customer-owned scanner output when the customer has the right to use it.
Import support does not mean SecEng bundles or resells third-party commercial tools or maintained rule sets.
Commercial paths
Consulting-backed for teams that need expert triage now. Licensed tooling for ongoing scanning. OEM for scanner vendors who need the AI detection layer.
Expert Review
Scanner runs inside a Launch Security Review, red-team engagement, or product security assessment. Code risk turned into buyer-ready findings with human triage.
Start No-Cost Scoping
Repeatable Scanning
Recurring scanning across your organization. Developer exports, Jira backlog integration, SARIF, VS Code diagnostics, and safe validation plans.
View Pricing
Scanner Providers · MSSP
SecEng Scan as a white-label AI detection layer for your tool. SARIF-native output, headless binary or localhost sidecar, no scanner rebuild required.
Request OEM Packet
OEM and scanner-provider packaging
SecEng Scan adds the AI layer. Packaged as a headless binary, localhost sidecar, private worker, or white-label module. Outputs in SARIF, JSON, Markdown, and evidence bundles that fit the existing scanner workflow — no shared code ownership, no scanner rebuild required.
SecEng Scan outputs are designed for scanner-native ingestion and human-reviewed triage. Findings flow into the partner's existing review workflow — not directly to end customers as automated claims.
Pricing & access
Use a license for repeatable scanning and developer exports, or scope a Workbench-backed review when a marketplace submission, enterprise buyer, or disclosure candidate needs human triage.
Starter
$199/mo
Monthly scans for one organization. AI attack-path report, SARIF and Markdown exports.
Team
$499/mo
Weekly scans across your organization. VS Code/SARIF/Jira exports, developer export and validation evidence pack, control matrix, and safe validation plans.
Review Pro
$1,299/mo
Unlimited apps/repos/packages, pre-submission evidence packs, white-label evidence, CVE candidate triage, variant and patch-diff checks.
AI Code Mini-Scan
$149 one-time
Find the top AI attack paths in one private repo. Attack-path report, SARIF, Markdown, and validation plan. No subscription required.
AI SECURITY ENGINEERING WORKBENCH
Start with a licensed scan or scope a Workbench-backed review. We’ll identify AI-native code attack paths, rank the evidence, and produce the remediation and marketplace-readiness artifacts your team can actually use.
Also in the Workbench
WHAT AI DO WE HAVE?
SecEng Surface Scanner
Browser, repo & IDE discovery for AI assets, vendors, and risky patterns.
WHAT DID IT ACTUALLY DO?
SecEng Runtime Proxy
MITM capture, replay & runtime evidence reconstruction.
HOW CAN IT FAIL UNDER ATTACK?
SecEng Adversarial Range
Scenario-driven AI red-team testing for prompts, agents, tools, RAG, and multimodal systems.
WHAT CAN AGENTS ACTUALLY DO?
SecEng Authority Graph
Agent authority, tool permissions, approval paths & delegated-action risk.
WAS RETRIEVAL AUTHORIZED?
SecEng RAG Test Harness
Test retrieval security & context authorization.
WHERE ARE THE TRUST BOUNDARIES?
SecEng Threat Canvas
Structured AI threat modeling, trust-boundary mapping, and abuse-path planning.
WHAT DO OUR PUBLIC AI CLAIMS REVEAL?
SecEng Trust Scanner
Public trust surface scoring across six AI governance dimensions.
WHERE DO TRUST BOUNDARIES LIVE IN JIRA?
Atlassian Threat Canvas
AI threat models that ship to Jira and Confluence.
DO YOUR AGENTS HAVE TOO MUCH PERMISSION?
SecEng Agent Permission Analyzer
Deterministic permission security analysis for AI agent tool configs.
WHAT'S INSIDE YOUR AI ARTIFACTS?
SecEng Artifact Analyzer
Static artifact intelligence for AI security and evidence packaging.
HOW RESILIENT IS YOUR SYSTEM TO INJECTION?
SecEng Injection Harness
Structured prompt injection probes with evidence session export.
ARE YOUR PROMPTS SECURE?
SecEng Prompt Reviewer
Deterministic rule-based scanner for system prompts and RAG corpus documents.
WHO CONTROLS WHAT MODELS CAN DO?
SecEng Model Gateway
Governed AI routing, policy enforcement, and spend control.
WHAT DOES YOUR AI SECURITY PROGRAM LOOK LIKE?
SecEng Program Blueprint Kit
Complete AI security program structure for Jira, Confluence, and Linear.
IS YOUR MODEL OUTPUT SAFE TO RENDER?
SecEng Output Safety Tester
Deterministic AI output safety analysis across 8 sink types.
WHERE DOES YOUR PROGRAM STAND?
AI Security Program Scorecard
14-domain AI product security baseline with evidence pack generation.
WHAT CAN YOUR AI TOOLS REALLY DO?
SecEng Tool Capsule Analyzer
Analyze MCP servers, OpenAPI specifications, and AI tool definitions to understand capabilities, permissions, and attack surface.
WHERE ARE YOUR PRODUCTION PROMPTS?
SecEng Prompt Asset Scanner
Inventory and review system prompts, developer prompts, agent instructions, and prompt templates for security risks.
WHAT CAN YOUR AGENTS ACTUALLY DO?
SecEng Agent Authority Diff
Compare declared permissions with observed capabilities to identify excessive agent privileges and unsafe tool access.
WHICH AI DEPENDENCIES CHANGE RELEASE RISK?
SecEng Supply Chain Scanner
Identify AI-specific dependency, model loader, framework, and supply-chain security risks.
CAN YOU PROVE WHAT YOUR EVALS COVER?
SecEng Eval Coverage Auditor
Measure whether AI security evaluations adequately cover prompt injection, tool abuse, RAG, memory, and other critical attack classes.
ARE YOUR AI CONFIGS SAFE TO DEPLOY?
SecEng AI Config Linter
Identify AI-specific dependency, model loader, framework, and supply-chain security risks.
CAN YOU PROVE WHAT YOU'VE DONE?
SecEng Evidence Packs
Buyer-ready evidence artifacts from AI security assessment and testing.