Beyond automatic scanning, request AI-powered security analysis for specific files, features, or scenarios.

Agentic Code Analysis (AGENTIC_SAST)

Beyond traditional SAST rules, CodeThreat’s AI can analyze code with human-like intelligence. What it finds that traditional SAST can’t:
  • Authorization flaws (business logic vulnerabilities)
  • Race conditions in concurrent code
  • Complex authentication bypass vectors
  • Business logic vulnerabilities
  • Context-dependent security issues

When to Use Agentic Analysis

Critical Features

Deep analysis of authentication, payment processing, admin functions

Pre-Release Audits

Comprehensive review before deploying to production

Incident Investigation

Understand how a vulnerability was introduced

Fix Verification

Verify security fixes actually eliminate the vulnerability

Request Analysis

1. Navigate to Repository

Open the repository you want to analyze

2. Click Security Analysis

Click AI Security Analysis in the repository menu

3. Choose Scope

Select what to analyze:
  • Specific file
  • Directory
  • Feature (related files)
  • Full repository

4. Specify Focus (Optional)

Provide context like:
  • “Analyze authentication logic for bypass vulnerabilities”
  • “Review payment processing for security issues”
  • “Check if admin endpoints are properly protected”

5. Submit Request

Click Request Analysis

6. Review Results

Results appear in the AI Analysis Reports tab, typically within 5-15 minutes

Analysis Report

The AI-generated security analysis report includes:

Executive Summary

  • Overall security posture
  • Critical, High, Medium, Low issue counts
  • Key findings summary
  • Analysis duration

Detailed Findings

Each finding includes:
  • Vulnerability description: Clear explanation
  • Location: File, line number, code snippet
  • Attack scenario: How an attacker could exploit this
  • Impact: What data/functionality is at risk
  • Recommendation: Specific steps to fix
  • Code example: Secure implementation
  • Priority: Critical, High, Medium, Low
  • Confidence: AI’s certainty level

Architecture Insights

  • Security strengths
  • Security weaknesses
  • Recommendations for improvement

Best Practices

  • Use for critical features before release
  • Request analysis after major refactoring
  • Analyze authentication and authorization logic
  • Review payment processing code
  • Verify security fixes are effective
