Codyze: Automated Code Compliance

Spotting flaws in C/C++, Java, Golang and Python code - automagically!

Codyze has been funded by the Bundesamt für Sicherheit in der Informationstechnik (BSI).
The Code Property Graph project is funded by the Bavarian Ministry of Economic Affairs (StMWi).

Verifying Compliance with Security Requirements

Codyze is a static analysis tool that supports developers in verifying compliance with security requirements.

Head to the release page and download Codyze.

Sparked your Interest? Join the Codyze Community!

Develop and Contribute

We are happy to accept pull requests for bugfixes and improvements on GitHub!

If you are interested in writing a bachelor/master/PhD thesis in static analysis, we encourage you to get in contact with us. Besides the open research topics offered by the Chair of IT Security at the Technical University of Munich, we are open to discussing further topics which might be of interest to you and us.

Funding and Collaboration

Codyze is a non-profit project under a commercial-friendly open source license. We are happy to either improve and extend Codyze in funded research projects or build a tailored version for your enterprise.

Commercial Development

We offer tailoring and integration of Codyze into your CI pipeline or audit processes. This includes development of rule sets for specific software platforms (Java EE, Spring, Android, Boost, etc.), development of interfaces to standard CI tools (GitLab CI, Jenkins, Bamboo, SonarQube, etc.), and development of additional analyses tailored to your needs. The results will not be public and remain solely at your disposal.

Research Collaboration

We regularly participate in publicly funded research projects at state, national, and EU level. If you are interested in pushing the boundaries in static code analysis with us, we are happy to explore funding opportunities together with you.