What is Amazon CodeGuru Security? - Amazon CodeGuru Security

Amazon CodeGuru Security is in preview release and is subject to change.

What is Amazon CodeGuru Security?

Amazon CodeGuru Security is a static application security tool that uses machine learning to detect security policy violations and vulnerabilities. It provides suggestions for addressing security risks and generates metrics so you can track the security posture of your applications. CodeGuru Security’s policies, which are informed by years of Amazon.com and AWS security best practices, help you to create and deploy secure, high-quality applications.

CodeGuru Security is currently supported in several AWS Regions.

What kind of suggestions does CodeGuru Security provide?

CodeGuru Security identifies security vulnerabilities in your code and suggests remediations to improve the security of your code base. Examples of security vulnerabilities it detects include resource leaks, hardcoded credentials, and cross-site scripting. CodeGuru Security can also identify code quality issues with some integrations. For more information on the types of analysis performed in code scans, see Types of code scans.

CodeGuru Security scans are powered by Amazon CodeGuru detectors that can identify a range of code security and code quality issues. For information about these detectors, see the Amazon CodeGuru Detector Library.

What languages does CodeGuru Security support?

CodeGuru Security supports the following language versions:

  • Java ‐ Java 17 and earlier

  • JavaScript ‐ ECMAScript 2021 and earlier

  • Python ‐ Python 3.11 and earlier, within the Python 3 series

  • C# ‐ All versions (.NET 6.0 and later recommended)

  • TypeScript ‐ All versions

  • Ruby ‐ Ruby 2.7 and 3.2

  • Go ‐ Go 1.18

  • C ‐ C11 and earlier

  • C++ ‐ C++17 and earlier

  • PHP ‐ PHP 8.2 and earlier

  • Infrastructure as Code (IaC) languages

    • AWS CloudFormation ‐ 2010-09-09

    • Terraform ‐ 1.6.2 and earlier

    • AWS CDK ‐ TypeScript and Python

CodeGuru Security supports the following languages for automatic code fixes:

  • Java ‐ Java 17 and earlier

  • JavaScript ‐ ECMAScript 2021 and earlier

  • Python ‐ Python 3.11 and earlier, within the Python 3 series

  • C# ‐ All versions (.NET 6.0 and later recommended)

  • TypeScript ‐ All versions

  • Infrastructure as Code (IaC) languages

    • AWS CloudFormation ‐ 2010-09-09

    • Terraform ‐ 1.6.2 and earlier

    • AWS CDK ‐ TypeScript and Python

For a list of the file types supported for secrets detection, see Supported file types for secrets detection.

What IDEs does CodeGuru Security support?

CodeGuru Security can be used in the following integrated development environments (IDEs). For notebook IDEs, CodeGuru Security is available through the Amazon CodeGuru extension for code written in Python. For other IDEs, CodeGuru Security is available through the Amazon CodeWhisperer plugin for code written in all languages that CodeGuru Security supports.

  • Amazon SageMaker Studio

  • JupyterLab

  • Visual Studio Code through the AWS Toolkit

  • IntelliJ IDEA through the AWS Toolkit

What integrations does CodeGuru Security support?

CodeGuru Security supports integration with the following products and services:

  • GitHub

  • GitLab

  • Bitbucket

  • AWS CLI

  • AWS CodePipeline

CodeGuru Security also supports the following services:

How is CodeGuru Security different from CodeGuru Reviewer?

CodeGuru Security is a rearchitected and redesigned version of CodeGuru Reviewer. CodeGuru Security uses hundreds of new security detectors to scan your code, in addition to the detectors that were developed for CodeGuru Reviewer. CodeGuru Security also includes many additional features such as vulnerability tracking and a metrics dashboard to help you monitor the security posture of your applications. For more information, see CodeGuru Security Features. If you are a CodeGuru Reviewer customer and want to access the most updated code scanning capabilities with new detectors, enable code quality analysis in your scans. For more information, see Types of code scans.

How much does CodeGuru Security cost?

Currently, CodeGuru Security is in preview release and is free to use.

How do I get started with CodeGuru Security?

Currently, CodeGuru Security is available through the console, the AWS CLI and AWS SDKs, and through several integrations. For more information, see Getting started with CodeGuru Security.