Formal Guardian of Code Quality


Sourcebrella Pinpoint detects numerous types of code defects and security flaws before they cause data breaches and application crashes.

Pricing Features Our Tech
Secure SDLC that cost less than a cup of coffee

Starter Plan

Up to 99 users

$0.9 / developer
day

  • Unlimited instance number
  • Unlimited physical host number
  • Unlimited parallel analysis

Lite Plan

100 - 199 users

$0.7 / developer
day

  • Unlimited instance number
  • Unlimited physical host number
  • Unlimited parallel analysis

Pro Plan

200 - 299 users

$0.6 / developer
day

  • Unlimited instance number
  • Unlimited physical host number
  • Unlimited parallel analysis

Enterprise Plan

300 - 500 users

$0.4 / developer
day

  • Unlimited instance number
  • Unlimited physical host number
  • Unlimited parallel analysis

The license covers the use of Sourcebrella Pinpoint within organization
For larger deployment with more than 500 developers please contact us for a better offer.
E-mail:sales@sbrella.com
Tel:0755-22671445
Wechat:源伞科技

Sophisticated static analysis is just clicks away
Intuitive, easy to deploy All-in-One Bundle
You'll love how fast you can set up a bug hunting service. Sourcebrella Pinpoint installer can do that for you in minutes. No root privileges and internet connection needed.
Low-code white box testing in your browser
Detect critical vulnerabilities with powerful drag and drop tools. Our web based UI have got you covered. Our tester oriented workflow can help you get massive project scanned, all on your own.
Deploy once, use anywhere
Seamless CI and VCS integration
Get code quality feedback on your code changes with built-in integrations for CI and VCS. Set up triggers to automatically build and check your code when your team member push changes to Source Repositories. Moving fast with fully automatic analysis pipelines.
Responsive IDE support
Sourcebrella Pinpoint IDE extension helps you detect and fix quality issues right in your code editor. Our code analysis engine can spot more critical flaws than built-in linter in IDE and compiler. Analysis can be performed remotely and asynchronously so that you can scan huge projects on your laptop.
Pre-merge AI peer reviewer
Visibility into your entire code review process so that you can maximize review efficiency. Automated code review for defects and vulnerabilities so that you can save time and merge with confidence.
Seamless integration with SonarQube
Sourcebrella Pinpoint SonarQube extension helps you run Pinpoint in SonarQube with all kinds of other SCA tools. No configure file modification and additional deployment is needed. Sourcebrella Pinpoint checker can be easily set up in Quality Profile as normal SonarQube checkers.
A good bug report is worth a thousand words
Fix more bugs with less reports
Obscure and false-positive-prone reports are the leading cause of SCA failures. We know how important the precision and readability of bug report are to developers. Our system can rank and merge repetitive bug reports smartly to support effective bug triage and remediation.
Sourcebrella Pinpoint the five Ws of bug
Sourcebrella Pinpoint helps developer understand the reports by answer five Ws of specific programming errors with tips and documents:
  • · How many classes, functions and sourcecode files are involved?
  • · What will happened if the bug is triggered?
  • · Which execution path does it take place?
  • · What condition leads to the bug?
  • · Why it's a bug or vulnerability?
Easy report generation and metrics
Easy scanning report creation in a variety of different format. Detailed report with rich metrics, bug documents, code snippets and bug description can be generated in HTML and PDF format. Scalar metrics can be exported in json, xml and ELK format.
Research Driven

PLDI'18 research paper
introduction to the mechanism of source-sink engine of Pinpoint.

learn more

ICSE'19 research paper
introduction to the mechanism of state-machine engine of Pinpoint.

learn more

Engineering Powered

Th Sourcebrella team has engineered a number of high quality SCA checkers that cover the needs of development, testing, security and evaluation. And through cooperation with government and enterprise customers, we integrated the world's top static analysis capabilities with real world R&D work flows. Make static analysis capabilities not only play a role in code checking scenario, but also further applied in program verification, code search, compilation acceleration, and micro-service management.