Spotting flaws in C/C++, Java, Golang and Python code - automagically!
Codyze has been funded by the Bundesamt für Sicherheit in der Informationstechnik (BSI).
The Code Property Graph project is funded by the Bavarian Ministry of Economic Affairs (StMWi).
Codyze is a static analysis tool that helps developers verify compliance with security requirements.
Head to the release page and download Codyze.
We are happy to accept pull requests for bugfixes and improvements on GitHub!
If you are interested in writing a bachelor's, master's, or PhD thesis in static analysis, we encourage you to get in contact with us. Besides the open research topics offered by the Chair of IT Security at the Technical University of Munich, we are open to discussing further topics which might be of interest to you and us.
Codyze is a non-profit project under a commercial-friendly open source license. We are happy to either improve and extend Codyze in funded research projects or build a tailored version for your enterprise.
We offer tailoring and integration of Codyze into your CI pipeline or audit processes. This includes development of rule sets for specific software platforms (Java EE, Spring, Android, Boost, etc.), development of interfaces to standard CI tools (GitLab CI, Jenkins, Bamboo, SonarQube, etc.), and development of additional analyses tailored to your needs. The results will not be public and remain solely at your disposal.
We regularly participate in publicly funded research projects at state, national, and EU level. If you are interested in pushing the boundaries in static code analysis with us, we are happy to explore funding opportunities together with you.