Snyk Code AI Engine
Snyk Code is powered by a semantic, AI-based analysis Engine, and it can analyze the following in your code:
Snyk Code includes secret detection capabilities that scan and highlight secrets like keys, credentials, and sensitive information in your source code. Unlike tools that use entropy checks or regular expressions, Snyk Code uses machine learning to improve the accuracy of detecting secrets and minimizing the occurrence of false positives.
Problems such as dead code, branches that are predefined, and branches having the same code on each side.
Determining the initial type and its changes - this is of special interest for dynamically typed languages.
Infers possible values for variables used to call functions to track off-by-one errors in arrays, division-by-zero, and null dereferences.
Follows the flow of data within the application from the Source to the Sink. Combined with AI-based learning of external insecure data source, data Sinks, and sanitation functions, this enables a strong taint analysis.
Identifies multiple potential issues including API misuses, null dereferences, and type mismatches by modeling the usage of memory in variables and references. This mechanism can also identify use of insecure functions.
Identifies null dereference or race conditions by modeling each possible control flow in the application.
Identifies multiple potential issues including buffer overruns, null dereferences, and type mismatches by modeling the usage of memory in variables and references.
Last modified 7d ago