Frequently Asked Questions

What value does this solution offer compared to other similar solutions?

With our Organizations plan you get an AI + Human synergy reviewing the code to ensure vulnerabilities don't make their way in and that you don't get false positives.

What is the context of the analysis?

The context is all the code and information given to the AI model when analyzing a code change (in a Pull Request or commit). The more information is given, the more exact results the analysis will provide.

Depending on your plan a different context will be used to analyze your code changes:

  • Free plan: No context is given to the model, which means that only the changes will be given to model

  • Startup Plan: Basic context is used, which means that all the code of the modifying file will be given along with the changes.

  • Organization Plan: Context Pro is used, which means that all the code of the project that was directly or indirectly using the modified code is going to be analyzed along with the changes. This allow the model to completely understand all the components that could be accepted.

Do you only monitor PRs? How can I monitor commits?

Upgrade your plan to Startup or Organization, and commits of monitored branches will also be analyzed with the level of context provided by your plan!

Note that commits created when an audited Pull Request is merged won't be monitored (as the Pull Request was already monitored).

Do you work only with GitHub repositories? Is there an on-premise solution?

For now, only GitHub. However, we can expand to other platforms like Bitbucket or GitLab easily if needed.

We could also offer an on-premise solution if necessary.

Is there any integration of the solution with JIRA or other ticketing platforms?

We could integrate easily Naxus with ticketing applications if an Organization request it.

For now, vulnerabilities are presented on the dashboard and GitHub.

Last updated