Skip to content
@codelake-dev

codelake Technologies LLC

Security intelligence platform. Six modules behind one PR queue: SAST · SCA · secrets · IaC · AI autofix · MCP bridge. codelake.dev

codelake.

Security intelligence platform. Six clusters. One exploit graph.

codelake.dev · hello@codelake.dev


Traditional security scanners understand code. codelake understands applications — how the call graph flows, what's actually reachable from the internet, which findings would survive a real attack, and how compliance evidence maps to the code that earns it.

codelake runs 30+ industry scanners across code, dependencies, cloud and runtime, correlates every result into one exploit graph — then ships the fix as a reviewable PR. One platform, one queue, no alert fatigue.

What we build

Six product clusters behind a single backend and a single graph:

  • SECURITY — Scans, findings, dependencies, monitoring & reports
  • INTELLIGENCE — Code intelligence, AI tools & security Q&A
  • PRIVACY — GDPR program: RoPA, DPIA, DSR & Erasure Map
  • ISMS — ISO 27001: SoA, risk register & policies
  • COMPLIANCE — 10 frameworks, 760 controls, evidence pinned (SOC 2, ISO 27001, GDPR, HIPAA, PCI-DSS, NIS2, DORA, BSI, TISAX, C5)
  • PLATFORM — Settings, integrations, team, billing & API keys

Developer surfaces so the platform meets engineers where they work:

  • CLI with offline scan, LSP daemon, MCP server, agent-loop review
  • IDE plugins for VS Code and JetBrains
  • Stand-alone npm package that bridges Claude Code / Cursor / Windsurf to the codelake API
  • /codelake-* slash-commands for AI tools

Stand-alone products in adjacent niches:

  • QuickAudit at quickaudit.dev — free-tier web scanner
  • MCP Scanner at mcpscanner.dev — security review for MCP server implementations
  • LicScan at licscan.dev — open-source license & EU CRA compliance scanner

Security disclosure

Found a vulnerability in any codelake property? We have a structured response policy:

Repositories

Most of this org is private — the source for the platform and standalone products is closed. A subset of distribution-strategic libraries (CLI, MCP server bridge, IDE plugins, Shield RASP SDKs, error-tracking SDKs) is MIT-licensed so adoption stays frictionless. Public repos appear in the list below this README; private ones power the products described above.

Contact

codelake is operated by codelake Technologies LLC, an Akyros Labs brand. codelake.dev · hello@codelake.dev

Popular repositories Loading

  1. licscan licscan Public

    Open-source license & compliance scanner for modern codebases — CycloneDX/SPDX SBOMs + EU CRA evidence

    Go 1

  2. .github .github Public

    codelake-dev org defaults — profile README + community health files

  3. homebrew-tap homebrew-tap Public

    Homebrew tap for codelake-dev tools (licscan, …)

    Ruby

  4. licscan-action licscan-action Public

    Official GitHub Action for licscan — open-source license & compliance scanner

Repositories

Showing 4 of 4 repositories

People

This organization has no public members. You must be a member to see who’s a part of this organization.

Top languages

Loading…

Most used topics

Loading…