> ## Documentation Index
> Fetch the complete documentation index at: https://docs.corgea.app/llms.txt
> Use this file to discover all available pages before exploring further.

# Introduction

> Welcome to Corgea's documentation.

## A letter from the Corgea team

Welcome to Corgea,

Corgea is an AI-powered application security agent platform built for developers. We help you find and fix security vulnerabilities in your code with precision and speed. In developer terms, think of Corgea as an **AI-powered security agent** that integrates directly into your workflow.

We built Corgea because application security tools were designed for security teams, not developers. Yet developers are the ones responsible for securing their applications. This disconnect creates friction, noise, and wasted time.

Our AI doesn't just detect vulnerabilities; it understands your code's context, reduces false positives, and generates fixes that actually work. What makes Corgea special is our use of advanced AI combined with static code analysis to detect and fix hard-to-find vulnerabilities—including business logic flaws, authentication issues, and complex code vulnerabilities that traditional tools miss.

We're excited to have you here and to be part of your security journey.

Sincerely,

[The Corgea Team](https://corgea.com/about)

## What can Corgea do?

<AccordionGroup>
  <Accordion title="AI-native SAST (BLAST)" icon="radar">
    Our flagship scanner uses advanced AI to detect security vulnerabilities that traditional SAST tools miss. BLAST excels at finding:

    * **Business logic vulnerabilities**: Authentication flaws, authorization issues, and complex business logic bugs
    * **Code vulnerabilities**: SQL injection, XSS, command injection, and 100+ other vulnerability types
    * **Context-aware detection**: Understands your code's context to minimize false positives

    [Learn more about AI-native SAST](blast)
  </Accordion>

  <Accordion title="Dependency Scanning (SCA)" icon="boxes-stacked">
    Automatically identify known security vulnerabilities in your third-party dependencies across 25+ programming languages and ecosystems. Get detailed CVE information, CVSS scores, and remediation guidance.

    <Tip>Supports 25+ programming languages and ecosystems</Tip>

    [Learn more about Dependency Scanning](sca)
  </Accordion>

  <Accordion title="Infrastructure as Code (IaC) Scanning" icon="cloud">
    Detect security misconfigurations and exposed secrets in your infrastructure code before deployment. Supports Kubernetes, Terraform, Docker, CloudFormation, Azure ARM Templates, and Helm charts.

    [Learn more about IaC Scanning](iac)
  </Accordion>

  <Accordion title="Secret Scanning" icon="key">
    Detect hardcoded credentials, API keys, tokens, and sensitive information in your codebase before they reach production. Uses pattern matching, entropy analysis, and AI-powered contextual understanding.

    [Learn more about Secret Scanning](secret-scanning)
  </Accordion>

  <Accordion title="AI-Powered Remediation" icon="wand-magic-sparkles">
    For every vulnerability detected, Corgea generates context-aware fixes that integrate with your existing codebase. Our AI analyzes your code patterns, frameworks, and security controls to provide fixes that actually work.

    [Learn more about Fixes](fixes)
  </Accordion>

  <Accordion title="False Positive Detection" icon="filter">
    Corgea automatically analyzes vulnerabilities to identify false positives, considering your infrastructure, security controls, and code context. This dramatically reduces noise and lets you focus on real issues.

    [Learn more about False Positive Detection](false_positive)
  </Accordion>

  <Accordion title="PolicyIQ" icon="brain">
    Enrich Corgea with your business context, security architecture, and environment-specific requirements. Custom policies help Corgea understand your unique infrastructure and generate more accurate findings and fixes.

    [Learn more about PolicyIQ](policies)
  </Accordion>
</AccordionGroup>

## Get Started

<Steps>
  <Step title="Quick Setup">
    <CardGroup cols={2}>
      <Card title="Quickstart Guide" icon="rocket" href="quickstart">
        Get started with Corgea in less than 5 minutes
      </Card>

      <Card title="Install GitHub App" icon="github" href="/github">
        Connect your GitHub repositories and start securing your code
      </Card>
    </CardGroup>
  </Step>

  <Step title="Configure & Customize">
    Review the features below to configure Corgea for your team's specific needs and security requirements.
  </Step>
</Steps>

## Learn More

<CardGroup cols={2}>
  <Card title="Apply Fixes" icon="code" href="fixes">
    Learn how to review and apply AI-generated security fixes
  </Card>

  <Card title="Blocking Rules" icon="shield-halved" href="blocking_rules">
    Enforce security standards by blocking non-compliant PRs
  </Card>

  <Card title="Team Management" icon="users" href="user_management">
    Add team members and manage access permissions
  </Card>

  <Card title="Security" icon="lock" href="security">
    Learn about our security practices and compliance
  </Card>
</CardGroup>