Get Started

Prerequisite You should have an existing scanning tool like Semgrep or Snyk. If you don’t have an existing tool, get started in less than 5 minutes here.

Corgea currently supports Python, Javascript, Typescript, Java, Ruby and Go. See our roadmap.


Register with Corgea:

Start in less than 10 seconds by registering today for free. No credit card required.


Send vulnerability report to Corgea

After registering, you’ll be welcomed with our Quickstart modal.

Pick Snyk or Semgrep to get the command you need to run in the repository you want to fix.

The command you copy will have all the needed functions and your API key.

export CORGEA_TOKEN=<API_KEY>; curl -sSL | bash -s semgrep ci --json

You can alternatively click on “Load Demo” or use following projects are designed to test security tools. Try cloning and fixing them with Corgea. .


Issue Fixes

These are instructions or content that only pertain to the third step.


At Corgea, we’re rentless in our pursuit of high quality code fixes. We conciously limit Corgea to ensure that we are able to deliver on fixes across languages, scanners and code repositories.

Please review Corgea’s limitations.


If you run into any issues getting started, please review the troubleshooting section here.