Introduction
Learn what SecurityChecks is and how it helps you find security vulnerabilities in your code.
Introduction to SecurityChecks
SecurityChecks is a security auditing tool that helps development teams find and fix security vulnerabilities before they reach production. Unlike traditional static analysis tools, SecurityChecks focuses on backend invariants: the security patterns that AI code generators often get wrong.
What We Check For
SecurityChecks audits your code for critical security patterns:
P0 (Critical) Issues
- Missing Authorization Checks - Endpoints that don't verify user permissions
- Missing Rate Limiting - APIs vulnerable to abuse and DDoS attacks
- Race Conditions - Transaction-unsafe code that can be exploited
- Missing Idempotency - Webhook handlers that can process events multiple times
- Missing Input Validation - Endpoints that don't validate or sanitize inputs
P1 (Important) Issues
- Missing Cache Invalidation - Stale permission data after access changes
- Missing Audit Logging - Security-sensitive actions without records
- Hardcoded Secrets - API keys and passwords in source code
- Missing Error Handling - Unhandled errors that could expose stack traces
- Insecure Defaults - Security features disabled by default
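The first two P1 categories are easy to see in a small in-memory authorization service. The following added example (not SecurityChecks code) caches permission decisions, revokes a grant in two ways, and shows that the naive revocation keeps answering from the stale cache entry while the fixed one invalidates the user's entries and writes an audit record. The grant table, cache key format and audit record fields are assumptions for the illustration.

```javascript
// Added example, not part of SecurityChecks: missing cache invalidation
// and missing audit logging, with the corrected revocation beside them.

// Constructed service state: grants are the source of truth, the cache
// memoizes decisions, and audit collects security-sensitive actions.
function makeService() {
  return {
    grants: new Map([["alice", new Set(["report:read"])]]),
    cache: new Map(),   // "user:permission" -> boolean
    audit: [],
  };
}

// Permission check with a read-through cache.
function can(svc, user, perm) {
  const key = `${user}:${perm}`;
  if (svc.cache.has(key)) return svc.cache.get(key);
  const allowed = (svc.grants.get(user) || new Set()).has(perm);
  svc.cache.set(key, allowed);
  return allowed;
}

// P1 defect: the grant is removed, but the cached "true" survives, so the
// user keeps the permission until the entry is evicted. Nothing is logged.
function revokeStale(svc, user, perm) {
  const set = svc.grants.get(user);
  if (set) set.delete(perm);
}

// Fixed: drop every cached decision for that user as part of the change,
// and record who revoked what from whom.
function revoke(svc, actor, user, perm) {
  const set = svc.grants.get(user);
  if (set) set.delete(perm);
  for (const key of [...svc.cache.keys()]) {
    if (key.startsWith(`${user}:`)) svc.cache.delete(key);
  }
  svc.audit.push({ ts: new Date().toISOString(), actor, action: "revoke", target: user, perm });
}

module.exports = { makeService, can, revokeStale, revoke };
```

Invalidating by user prefix rather than by the single key is deliberate: a revocation usually changes more than one derived decision (role membership, inherited permissions), and clearing too much costs one extra lookup while clearing too little leaves a stale grant in place.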
How It Works
- Scan Your Code - Point SecurityChecks at your repository
- Automated Analysis - Our engine extracts and analyzes patterns
- Actionable Findings - Get detailed reports with fix suggestions
- CI/CD Integration - Block PRs that introduce vulnerabilities
Getting Started
There are several ways to use SecurityChecks:
CLI (Local Development)
```bash
# Install the CLI
npm install -g @securitychecks/cli

# Run a scan
scheck run

# See what's being checked
scheck explain P0-MISSING-AUTHZ
```
Dashboard (Team Collaboration)
Sign up at securitychecks.ai to:
- Track findings across projects
- Manage team access
- Set up automated scans on push
- View historical trends
CI/CD Integration
Add SecurityChecks to your GitHub Actions workflow:
```yaml
- name: SecurityChecks
  run: |
    npm install -g @securitychecks/cli
    scheck run --project ${{ vars.PROJECT_SLUG }} --api-key ${{ secrets.SC_API_KEY }}
```
Next Steps
- Quick Start Guide - Get scanning in 5 minutes
- CLI Reference - All CLI commands and options
- API Reference - Integrate with our API
- Invariant Explanations - Understand what we check