Corgea Language and Framework Support

Overview

Corgea is an AI-powered platform that revolutionizes code security across multiple programming languages and their popular frameworks. It offers comprehensive support for scanning, false positive detection, and auto-fixing, covering approximately 900 Common Weakness Enumerations (CWEs). This ensures your code remains secure, compliant, and efficient throughout your development lifecycle.

Supported Languages and Frameworks

Here’s a detailed breakdown of the languages and frameworks currently supported by Corgea:

C#

  • Native Language Support: Corgea provides robust support for C# language constructs, including LINQ, async/await patterns, and generics.
  • Frameworks: .NET, ASP.NET Core, Blazor
  • Corgea excels in securing enterprise-level .NET applications, addressing vulnerabilities like improper authentication, insecure deserialization, and CSRF.

Python

  • Native Language Support: Corgea analyzes Python-specific features such as decorators, context managers, and comprehensions.
  • Frameworks: Django, Flask, FastAPI
  • Focuses on both web applications and backend services, tackling issues such as SQL injection, XSS, and insecure direct object references.

Ruby

  • Native Language Support: Corgea understands Ruby’s dynamic nature, including metaprogramming features and blocks.
  • Frameworks: Ruby on Rails, Sinatra
  • Specializes in identifying and fixing Ruby-specific vulnerabilities, including mass assignment issues, unprotected routes, and insecure file uploads.

Go

  • Native Language Support: Corgea analyzes Go-specific constructs like goroutines, channels, and interfaces.
  • Frameworks: Gin, Echo, Fiber
  • Targets Go-specific security concerns, such as race conditions, improper error handling, and insecure use of cryptographic functions.

JavaScript & TypeScript

  • Native Language Support: Corgea supports both JavaScript and TypeScript, including features like async/await, closures, and TypeScript’s type system.
  • Frameworks: Node.js, Express.js, Next.js, NestJS, Angular, React, Vue.js
  • Covers both client-side and server-side security, addressing issues like prototype pollution, insecure dependencies, and DOM-based XSS.

Java

  • Native Language Support: Corgea analyzes Java-specific features such as generics, annotations, and lambda expressions.
  • Frameworks: Spring, Jakarta EE, Play Framework
  • Focuses on enterprise Java ecosystems, tackling vulnerabilities such as XML external entity (XXE) attacks, LDAP injection, and insecure object deserialization.

Key Features Across All Supported Languages

  1. Comprehensive Scanning: Corgea’s advanced algorithms scan your codebase to identify potential security vulnerabilities, covering a wide range of CWEs.

  2. Intelligent False Positive Detection: Our AI-powered system accurately distinguishes between genuine vulnerabilities and false positives, saving your team valuable time and resources.

  3. Automated Fixing: Corgea doesn’t just identify issues—it provides actionable, context-aware fixes that can be applied automatically or reviewed before implementation.

  4. Framework-Specific Analysis: Our tool understands the nuances of different frameworks within each language, providing targeted security insights.

  5. Continuous Learning: Corgea’s AI model is constantly updated to address new security threats and CWEs as they emerge.

Roadmap

We’re committed to expanding our language and framework support. Our upcoming roadmap includes:

  • C and C++: To address memory-related vulnerabilities and system-level security issues, with support for native language features like pointers and manual memory management.
  • PHP: Focusing on web application security in PHP ecosystems, with support for PHP’s unique syntax and language constructs.
  • Swift: To enhance security in iOS and macOS application development, including Swift-specific features like optionals and protocol extensions.

Stay tuned for updates as we continue to broaden our support, ensuring Corgea remains at the forefront of code security across diverse development environments.