Traditional security scanners understand code. codelake understands applications — how the call graph flows, what's actually reachable from the internet, which findings would survive a real attack, and how compliance evidence maps to the code that earns it.
codelake runs 30+ industry scanners across code, dependencies, cloud and runtime, correlates every result into one exploit graph — then ships the fix as a reviewable PR. One platform, one queue, no alert fatigue.
Six product clusters behind a single backend and a single graph:
- SECURITY — Scans, findings, dependencies, monitoring & reports
- INTELLIGENCE — Code intelligence, AI tools & security Q&A
- PRIVACY — GDPR program: RoPA, DPIA, DSR & Erasure Map
- ISMS — ISO 27001: SoA, risk register & policies
- COMPLIANCE — 10 frameworks, 760 controls, evidence pinned (SOC 2, ISO 27001, GDPR, HIPAA, PCI-DSS, NIS2, DORA, BSI, TISAX, C5)
- PLATFORM — Settings, integrations, team, billing & API keys
Developer surfaces so the platform meets engineers where they work:
- CLI with offline scan, LSP daemon, MCP server, agent-loop review
- IDE plugins for VS Code and JetBrains
- Stand-alone npm package that bridges Claude Code / Cursor / Windsurf to the codelake API
/codelake-*slash-commands for AI tools
Stand-alone products in adjacent niches:
- QuickAudit at quickaudit.dev — free-tier web scanner
- MCP Scanner at mcpscanner.dev — security review for MCP server implementations
- LicScan at licscan.dev — open-source license & EU CRA compliance scanner
Found a vulnerability in any codelake property? We have a structured response policy:
- Machine-readable:
codelake.dev/secrets.json(response targets, scope, safe harbor) - Email: security@codelake.dev
- Response targets: Critical 4h · High 24h · Medium 7d · Low 30d
Most of this org is private — the source for the platform and standalone products is closed. A subset of distribution-strategic libraries (CLI, MCP server bridge, IDE plugins, Shield RASP SDKs, error-tracking SDKs) is MIT-licensed so adoption stays frictionless. Public repos appear in the list below this README; private ones power the products described above.
- Product: codelake.dev
- Support: hello@codelake.dev
- Issues: per-repo within this org
codelake is operated by codelake Technologies LLC, an Akyros Labs brand. codelake.dev · hello@codelake.dev