PullGuard is a SAST code-security scanner built for AI-assisted development. It catches what AI coding introduces — secrets leaking into LLM prompts, prompt-injection data flows, disabled AI safety guardrails, "hallucinated" dependencies — plus the classic vulnerabilities, exploit-aware CVEs (EPSS + CISA KEV), and compliance gaps you already scan for. Results appear right in your PR.
One GitHub-native tool replaces Semgrep + SonarQube + Snyk + StepSecurity + GitGuardian — and adds the AI-era security layer none of them have. Your code never leaves your runners.
Free tier — no signup, no card. Add one workflow file and open a PR.
Docker container on your own GitHub Actions runners. Source code is never transmitted, stored, or seen by PullGuard servers. Data-residency and air-gapped-friendly by design.
SOC 2 (8 controls), HIPAA Technical Safeguards, PCI DSS 4.0, NIST 800-53 Rev 5, ISO 27001:2022 — a PASS / CONCERN / FAIL rollup per framework on every PR, with full per-control tables (AICPA / NIST citation text) opt-in via compliance: in .driftrc.yml.
Every finding is built to be actionable — findings split actionable vs observational, and false positives are treated as bugs: closed structurally with regression tests. 2,900+ automated tests back every claim on this page; CI rejects marketing drift. OWASP Top 10 coverage validated across 18 vulnerability fixtures head-to-head with Semgrep Pro.
Business Source License 1.1 → Apache 2.0 in 2030. Enterprise MSA with reverse-engineering prohibition + DPA. 4 business-hour response SLA for Enterprise; SSO (SAML / OIDC) and RBAC included. Tamper-proof audit logs & export on the roadmap.
Prove what you run — and run something harder: signed build provenance on the image you pull, plus a structured internal red-team pass across the whole product.
docker buildx imagetools inspect.✓ Every capability claim on this page is backed by a runnable test. Verify any of it in CI — not marketing copy, auditable code.
Security, AI-era threats, supply chain, compliance, code quality, and cost — caught automatically on every pull request, with file, line, severity, and remediation steps. No new tools to wire up, no findings wall: just what to fix and what it's worth.
/api/export · unauthenticated + tainted = critical/pullguard ignore <rule-id> opens a follow-up PR linking the original finding for audit trailMost teams need Semgrep for SAST + SonarQube for quality + Snyk for CVEs. PullGuard combines all three.
✓ Verified parity against 8 competitor categories (73 fixtures) — 100% OWASP parity with Semgrep Pro (18/18)
| Capability | PullGuard | Semgrep | SonarQube | Snyk |
|---|---|---|---|---|
| OWASP Top 10 detection | 15 checks | Pro ($) | Enterprise ($) | Yes |
| Inter-procedural taint | Cross-file | Pro ($) | Enterprise ($) | Yes |
| Code quality analysis | 13 analyzers | No | Core | No |
| Dependency CVE scanning | 5 ecosystems | No | No | Core |
| Cost estimation | $/finding | No | No | No |
| SOC 2 security evidence | 8 controls | No | Enterprise ($) | No |
| Multi-framework compliance (HIPAA / PCI / NIST / ISO 27001) | All 4 | No | No | No |
| AI-era risk + AI×security composite | risk + composite | No | No | No |
| PR-delta / baselines (Clean as You Code) | Yes | Yes | Yes | Yes |
| Air-gapped reports & dashboard | Self-contained HTML | SaaS | Server | Cloud only |
| Self-hosted / air-gapped | Docker (static key required) | Yes | Yes | Cloud only |
PullGuard surfaces the right information for the right stakeholders — so procurement, security review, and rollout happen in parallel, not in sequence.
100% OWASP Top 10 parity with Semgrep Pro. Cross-file taint tracking across 7 languages. Pwn-request, script injection, and token over-permissions detection — top CI/CD supply-chain vectors. Dependency CVE scanning across 5 ecosystems, offline-capable. Replaces Semgrep + Snyk + StepSecurity + GitGuardian with one tool, one install, one invoice.
Dollar amounts on tech debt ("$560K to fix everything"). Grade trends over time with ETA-to-Grade-A predictions. Knowledge-silo risk flags single-contributor files. Breaking-change detection with caller blast-radius. AI-era risk detection catches hallucinated dependencies, secret-to-LLM leaks, and insecure defaults. Budget conversations backed by per-finding estimates — not vibes.
Five compliance frameworks on every PR: SOC 2 (8 controls), HIPAA Technical Safeguards, PCI DSS 4.0, NIST 800-53 Rev 5, ISO 27001:2022. PASS / CONCERN / FAIL per control with AICPA / NIST citation text — continuous Type II-ready evidence. Per-PR posture delta: "CC3.2 CONCERN→PASS ✅". Risk register with 7-day-critical / 30-day-major SLA fields. MSA-ready enterprise contracts with reverse-engineering prohibition + DPA.
Below is the actual Step Summary PullGuard renders in GitHub Actions on every PR. This is a Team-tier scan showing all 44 analyzers running on a well-maintained codebase. The same layout appears for any repo — green when you're clean, with drill-down details when you're not.
| Category | Grade | Findings | Change |
|---|---|---|---|
| Security (15 OWASP checks) | A | 0 | — |
| Supply Chain (Actions + Dockerfile + git history) | A | 0 | — |
| Dependencies (5 CVE ecosystems) | A | 0 | — |
| Code Quality | A | 0 | — |
| Architecture | A | 0 | — |
| Testing | A | 0 | — |
| Compliance (SOC 2) | A | 0 | — |
| AI Code Detection | A | 0 | — |
| Git History | A | 0 | — |
| Type Coverage | A | 0 | — |
| Severity | Count | Est. Fix Cost |
|---|---|---|
| Critical | 0 | $0 |
| Major | 0 | $0 |
| Moderate | 0 | $0 |
| Total | 0 | $0 |
| Control | Status | Evidence |
|---|---|---|
| CC3.1 (Risk Assessment) | ✅ PASS | No unmitigated security findings |
| CC3.2 (Fraud Risk) | ✅ PASS | No hardcoded credentials or historical secrets |
| CC4.1 (Continuous Monitoring) | ✅ PASS | Per-PR scans + trend tracking provide ongoing evidence |
| CC6.1 (Logical Access) | ✅ PASS | No authentication or authorization weaknesses |
| CC6.2 (Authentication) | ✅ PASS | No weak / missing auth on identified endpoints |
| CC6.7 (Cryptographic Controls) | ✅ PASS | No insecure crypto, weak RNG, or timing-attack vectors |
| CC6.8 (Unauthorized Software Prevention) | ✅ PASS | All dependencies current, no unpinned GHA, no risky Dockerfile patterns |
| CC8.2 (Change Impact Analysis) | ✅ PASS | Breaking-change detection + caller blast radius surfaced |
This is the same Step Summary you'll see in your GitHub Actions tab on every PR. Enterprise evaluators: this output renders identically for you during your security-review period — the report shape is a contract, not a teaser.
Self-serve for small teams. Enterprise conversations for larger orgs.
Solo developers & single projects.
Startups & mid-sized engineering teams.
50+ repos, regulated industries, org-wide security.
Need more than Team's 10 repos? Enterprise scales by repository band (50 / 200 / unlimited) with a self-hosted server, SSO, dedicated support, and a signed contract. Ask about competitor migration (Semgrep / SonarQube / Snyk) with preserved rulesets.
No account, no email, no credit card. Add one file to your repo.
name: PullGuard on: [pull_request] permissions: contents: read pull-requests: write jobs: scan: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 with: fetch-depth: 0 - uses: pullguard-dev/pullguard-action@v1 # Free: 14 analyzers. Add license-key for Pro (42 of 44) or Team/Enterprise (all 44 + custom rules + 5 compliance frameworks)
Add the workflow file above to your repo. That's the entire setup.
PullGuard scans automatically. Grade, findings, and cost estimate appear in Actions.
Add a license key secret to unlock all 44 analyzers, taint tracking, supply-chain + IaC checks, and SOC 2 evidence.
Free tier — no account required. Pro/Team/Enterprise: hello@pullguard.dev
Security, pricing, languages, AI-code coverage, and compliance — answered.
PullGuard is a SAST (static application security testing) scanner that reviews every GitHub pull request for security, code quality, and compliance issues. It runs as a GitHub Action or Docker container inside your own CI, posts findings as a PR comment and Check Run, and grades the change so problems are caught before they merge.
PullGuard combines what usually takes several tools: OWASP coverage including the LLM and Agentic Top-10, exploit-aware CVE scanning (EPSS plus CISA KEV), cross-file taint tracking across 7 languages, supply-chain and IaC checks, and compliance evidence — all in one GitHub-native tool. Your code never leaves your CI runner.
Yes. The Free tier is $0, includes 14 analyzers, covers unlimited public repositories plus one private repository, and requires no account. Paid tiers (Pro, Team, Enterprise) unlock the full analyzer set, taint tracking, and all compliance frameworks.
PullGuard recognises 67 languages, with deep AST-based taint tracking across 7 of them, including JavaScript and TypeScript, Python, Java, Go, and C#.
Yes, that is a core focus. PullGuard checks the OWASP LLM and Agentic Top-10, flags insecure-by-default and hallucinated-dependency patterns common in AI-generated code, and composes an AI×security risk signal so AI-authored changes get extra scrutiny.
PullGuard can produce AI-authorship provenance markers and security evidence that support your documentation toward frameworks such as the EU AI Act (Article 50) and the NIST AI Risk Management Framework. This is advisory evidence to assist your own compliance process — PullGuard is not a certification and does not by itself make code compliant.
PullGuard maps findings to SOC 2, HIPAA, PCI DSS 4.0, NIST 800-53, and ISO 27001, and surfaces a compliance posture on every pull request.
No. PullGuard runs entirely on your own GitHub Actions runners. Source code, file contents, and analysis results stay in your CI — paid tiers send only a license key and repository name for subscription validation.