You'll love how fast you can set up a bug hunting service. Pinpoint installer can do that for you in
minutes. No root privileges and internet connection needed.
Low-code white box testing in your browser
Detect critical vulnerabilities with powerful drag and drop tools. Our web based UI have got you
covered. Our tester oriented workflow can help you get massive project scanned, all on your own.
Deploy once, use anywhere
Seamless CI and VCS integration
Get code quality feedback on your code changes with built-in integrations for CI and VCS.
Set up triggers to automatically build and check your code when your team member push changes to Source
Moving fast with fully automatic analysis pipelines.
Responsive IDE support
Pinpoint IDE extension helps you detect and fix quality issues right in your code editor.
Our code analysis engine can spot more critical flaws than built-in linter in IDE and compiler.
Analysis can be performed remotely and asynchronously so that you can scan huge projects on your laptop.
Pre-merge AI peer reviewer
Visibility into your entire code review process so that you can maximize review efficiency.
Automated code review for defects and vulnerabilities so that you can save time and merge with
Seamless integration with SonarQube
Pinpoint SonarQube extension helps you run Pinpoint in SonarQube with all kinds of other SCA tools. No
configure file modification and additional deployment is needed. Pinpoint checker can be easily set up
in Quality Profile as normal SonarQube checkers.
A good bug report is worth a thousand words
Fix more bugs with less reports
Obscure and false-positive-prone reports are the leading cause of SCA failures.
We know how important the precision and readability of bug report are to developers.
Our system can rank and merge repetitive bug reports smartly to support effective bug triage and
Pinpoint the five Ws of bug
Pinpoint helps developer understand the reports by answer five Ws of specific programming errors with
tips and documents:
· How many classes, functions and sourcecode files are involved?
· What will happened if the bug is triggered?
· Which execution path does it take place?
· What condition leads to the bug?
· Why it's a bug or vulnerability?
Easy report generation and metrics
Easy scanning report creation in a variety of different format.
Detailed report with rich metrics, bug documents, code snippets and bug description can be generated in
HTML and PDF format.
Scalar metrics can be exported in json, xml and ELK format.
PLDI'18 research paper introduction to the mechanism of source-sink engine of Pinpoint.
Th Sourcebrella team has engineered a number of high quality SCA checkers that cover the needs of
development, testing, security and
evaluation. And through cooperation with government and enterprise customers, we integrated the world's
static analysis capabilities with real world R&D work flows. Make static analysis capabilities not
only play a role in code checking scenario, but also further applied in program verification, code
search, compilation acceleration, and