Everything you need to get started with sec.
Create your account and set up your first workspace. You get a free tier with 1 repo and 5 scans/month.
Link your GitHub repos with a personal access token. Optionally connect AWS with a cross-account IAM role ARN.
Trigger a full scan from the dashboard or use the CLI: npx @sec/cli scan --repo owner/repo
Findings are prioritized by AI-computed risk scores. Use filters to focus on critical and high severity issues.
Add the CLI to your CI pipeline to block merges with critical vulnerabilities: npx @sec/cli scan --fail-on critical
┌─────────────┐ ┌─────────────┐ ┌──────────────┐
│ Web App │────▶│ Fastify API │────▶│ PostgreSQL │
│ (Next.js) │ │ (Node.js) │ │ (Drizzle) │
└─────────────┘ └──────┬──────┘ └──────────────┘
│
┌──────▼──────┐ ┌──────────────┐
│ Workers │────▶│ SQS / Redis │
│ (Node.js) │ └──────────────┘
└──────┬──────┘
│
┌──────▼──────┐ ┌──────────────┐
│ AI Runtime │────▶│ LLM (Claude)│
│ (FastAPI) │ └──────────────┘
└─────────────┘The sec platform exposes a RESTful API with OpenAPI documentation. All endpoints require authentication via API key or JWT.
View Interactive API DocsInstall
npm install -g @sec/cliScan a repo
sec scan --repo owner/repo --api-key sec_xxxCI/CD gating
sec scan --fail-on critical --fail-on highIndian CERT directives for incident reporting and cyber security compliance
Digital Personal Data Protection Act — India's privacy framework
International standard for information security management systems
Reserve Bank of India cybersecurity framework for financial entities
AICPA Trust Services Criteria for security and availability