Patch Security
Build Confidence

We make it easier for developers to address security vulnerabilities within source code without compromising development speed


Automatic Application Quality Testing
For Your Critical Digital Assets

Our static analysis tools can scan thousands lines of code per second to automatically pinpoint deep defects and vulnerabilities early in development process. We help developers worldwide boost software security , create more reliable service and ease the risk of complex modern software architecture.

Testimonial from our clients

Pinpoint possesses extraordinary ability in pointer analysis.
—— Senior developer at Huawei


Sourcebrella is one of the very few domestic companies that has research & development capabilities to ship SCA tools. The IR analysis technology Pinpoint uses really dispels the concerns about sourcecode security.
—— Senior Testing engineer at ZSSNETC Lab

Open source SCA
Continuous OSS projects vulnerability scanning
In modern software development process developers can hardly avoid using open-source frameworks or libraries. For years, our Pinpoint™ engine detect vulnerabilities e.g. OpenSSL Heartbleed and SMB stackoverflow in OSS projects. And help our clients manage those risks.
We scanned and contributed patches to many popular projects, including:
Application Security for Everyone
Made in Shenzhen with love
Our duty is to bring the cutting edge static analysis technology to the industry and help our client build more robust software and service. We are hiring! Hope talents who agree with our missions come and join us.
International Advisory Committee

At Sourcebrella, we are committed to deliver a fast and simple experience for developers and enterprises with guarantees on software qualities. We want to construct new security standards in software in China with our passion and professions. This is our purpose – and why we exist as a team. Sourcebrella was originated from the cybersecurity laboratory in HKUST. Our team is constituted of talents with extortionary research experience and professional engineering skills. Our advisory committee includes well-known scholars and famous experts in program analysis, mobile applications, block chain, big data and other fields.

Prof. Charles Zhang
Director and co-founder of the Sourcebrella Advisory Committee. Director of Cybersecurity Laboratory and Professor of Computer Science Engineering department in HKUST, Associate Editor of IEEE TSE, Security Consultant of Hong Kong Monetary Authority. Charles has 16 years of research experience in the field of software analysis. Under his lead, the research group Prism became one of the finest Asian groups in programming language, and Prism is awarded by many influential organizations including the Hong Kong Research Grants Council and Innovation and Technology Bureau. Prism achieve many research recognitions including outstanding paper awards in many internationally influential journals and the only outstanding paper award from PLDI in Asia. Charles dedicates himself to lead the Sourcebrella to explore top notch science and technologies.
Prof. Hans-Arno Jacobsen
Mentor of original Sourcebrella team, Tenured professor at TUM and university of Toronto. Arno was awarded the famous Alexander von Humboldt Professorship in 2012. He is the authority in software engineering, middleware system and large information system. Arno has published hundreds of papers with topics of software engineering and the large information system application. He is the representative figure of the 11th generation of German Göttingen school. Arno conducted researched in smart grid, blockchain and distributed network. He provided important recommendations to Sourcebrella’s cloud strategy based on Pinpoint.
Prof. Xiangyu Zhang
Professor and honoured scholar of Computer Science Engineering in Purdue University. Xiangyu is specialised in dynamic and static program analysis including tuning, testing, forensic analysis and data processing. He is recognized with 2017 USENIX Security Distinguished Paper Award, 2016 NDSS Distinguished Paper Award, 2015 CCS Best Paper Award, 2014 USENIX Security Best Student Paper Award and 2006 ACM SIGPLAN Dissertation Award. Xiangyu will provide trivial guidance on Pinpoint’s analysis features.
Prof. Grigore Rosu
Professor in Computer Science at UIUC. Founder of Formal System Laboratory(FSL). CEO&CTO of Runtime Verification. General chair of the top conference ASE. Ex-NASA Ames researcher. The K Framework developed by Grigore and his UIUC team is recognized and adopted by NASA, Boeing, Toyota, and many other software enterprises. Grigore recently established a cutting-edge technology solution for a smart contract for Ethereum based on the K Framework. Grigore will provide trivial guidance on implementation of smart contract verifications based on static analysis.
Prof. Eric Bodden
Professor for Software Engineering at Paderborn University and Co-director of the Fraunhofer Institute for Mechatronic Systems Design. Eric is one of the chief maintainers of the Soot and FlowDroid program analysis frameworks. Eric’s work has been recognized with five ACM Distinguished Paper Awards. In 2014, he was awarded the Heinz Maier-Leibnitz-Price by the DFG, the highest honour for young German scientists. He was also awarded German IT Security Award and “Top 40 under 40” by Capital. As an expert in mobile applications, Eric will provide trivial guidance on security testing of mobile applications.
Prof. Harry Xu
Associate professor in UCLA, ex-researcher of Microsoft REDMOND, research of IBM Thomas Watson. Harry issued tens of quality papers in programming languages and system conference including PLDI, OOPSLA, OSDI, SOSP and ASPLOS. His researches has a widespread influence. Harry is active in software engineering and system software in recent years. His recent research focuses on high performance systems and big data systems. He will provide important recommendations to Sourcebrella’s cloud strategy based on Pinpoint.
Prof. Qirun Zhang
Assistant professor in the School of Computer Science at the Georgia Institute of Technology. Qirun’s research area includes program language analysis and software engineering especially on software security and reliability. He has published his research findings in PLDI, POPL, OOPSLA and ICSE and is awarded with multiple awards including US National Science Foundation. Qirun’s current research is developing efficient static analysis techniques and keep a academic collaboration with Sourcebrella. He will continue to support Sourcebrella’s products.
Prof. Jeff Huang
Assistant professor in Texas A&M University, the director of Parasol lab. Jeff enjoys doing research in software engineering and programming languages, in particular, concurrency and concurrent programming, program analysis, program verification, testing, debugging, and everything looks interesting related to software correctness, performance, reliability, and security. Jeff leads Parasol lab to publish tens of influential papers on premium software engineering conferences and is awarded founding from multiple national foundations and network enterprises including US National Science Foundation, Google Research Foundation and Mozilla Research Foundation. Jeff will support Sourcebrella’s product in software correctness, reliability and security.
Sponsored by