Introducing Pixee 👋

Pixee is your automated product security engineer.

Pixee triages and fixes issues detected by your code scanning tools. To make the fixes, we send you pull requests, just like your other team members.

How does Pixee help me?

  1. 🗃️ Continuous Improvement: works down your backlog of issues and keeps your codebase secure.
  2. 🌱 PR Improvement: checks each new pull request (PR) and recommends improvements.
  3. 🔎 Triage: identifies false positives and prioritizes issues that need fixing.

What types of issues can Pixee triage and fix?

Pixee can triage and fix a wide range of security issues detected by code scanning tools. Many of these issues are common across tools and languages, such as:

  • SQL Injection
  • Cross-Site Scripting (XSS)
  • Insecure Deserialization
  • Insecure Randomness
  • XML External Entities (XXE)
  • Insecure Cookie Handling
  • Command Injection
  • JNDI Injection
  • Reflection Injection
  • Insecure Configuration
  • ... and many more!

How can I test Pixee?

Pixee is most easily tried as a GitHub App on the GitHub Marketplace. We provide a free tier on our cloud offering that can be installed on any public or private repository. After adding Pixee, you need some code scanning results to show the breadth of fixes available. To get them, try adding SonarCloud to the repository. This is a great way to get started with Pixee and see how it can help harden and secure your code and triage your code scanner alerts.

If you need a repository to test with, we recommend trying Pixee out with a deliberately insecure application. Template repositories containing Java and Python test applications are available in PixeeSandbox: https://github.com/PixeeSandbox.

Testing with these deliberately insecure applications can give you an idea of how Pixee works, before installing it directly on your personal or professional repositories.

For additional details, see the Installation page.

Pixee also supports self-hosted deployments for organizations that require additional security or compliance measures. To learn more about Pixee self-hosted solutions, please contact us.

What does Pixee cost?

Please see https://www.pixee.ai/pricing.