
Modern Software is like an Iceberg

Every year, over 13,000 security vulnerabilities are reported, and the number is rising. A single vulnerability can put a company’s and its customers’ private data at risk.
Software is like an iceberg: only 10% is in-house developed code, whereas 90% is open-source libraries.

10% Application Code

Scan your code for hidden vulnerabilities.

Secure Application

90% Open-Source Libraries

Scan your open-source software for vulnerabilities.

Secure OSS Libraries

Project CodeShield

Implementing secure software systems is harder than ever: most software systems consist of up to 90% open-source libraries. A secure software engineering process must thus effectively secure the entire software supply chain, enabling one to identify vulnerabilities not just in one’s own code but in the vast open-source dependencies as well.

CodeShield secures the whole software supply chain. It uses scientifically proven analysis technology to precisely uncover previously unknown vulnerabilities in both in-house developed application code and its dependencies.

CodeShield's Application Analysis scans your in-house developed code for security vulnerabilities. Our analysis is based on award-winning static analysis research. Its core technology provides previously unseen accuracy and analysis speed.


Find critical vulnerabilities like SQL-Injection, Cross-Site Scripting, Broken Access Control, etc.

Cryptographic Misuse

Check if cryptography is used correctly in your software and if all data is properly hashed, encrypted, and integrity protected.

Null Pointer Analysis

Reveal null pointer dereferences to prevent your software from crashing.

CodeShield's Dependency Analysis scans your whole software for vulnerabilities introduced by open-source dependencies.

Un- & Known Vulnerabilities

Detect vulnerable dependencies listed in public vulnerability databases as well as unknown vulnerabilities.


Detects vulnerabilities due to code duplicates that rebundling, repackaging, and recompilation introduce.

Effective Usage Analysis

Assess the impact of vulnerable open-source libraries on your software, and check if your code is making calls to vulnerable code.

Do you want to try out CodeShield?