nGuardOpen dashboard

Security analysis for AI-built products

Find what blocks a product from being ready to ship.

nGuard reviews repositories and live URLs, then returns prioritized findings with proof, scoring, and hardening guidance.

Code and runtime in one run AI checks when detected Evidence for every finding
Readiness reportEvidence-backed findings
Overall
72/100
Needs hardening
CriticalCommitted API key
src/auth/config.py:42
HighMissing security headers
https://app.example.com
ReviewAgent action lacks approval gate
detected tool surface
Report exports: PDF, SARIF, JSON, CSV

Start where the product is

Run nGuard against code, a deployed URL, or both.

The user does not need to describe the system first. nGuard profiles the target, chooses the applicable checks, and marks unavailable checks instead of pretending they ran.

Coverage

Standards and scan coverage are visible upfront.

Security teams should not need a demo to understand the surface area. nGuard shows the standards it maps to and the scan families it runs, while the report carries the detailed evidence.

Mapped standards

Findings are tagged against the frameworks security, audit, and AI-risk teams already recognize.

OWASP Top 10OWASP API Security Top 10OWASP LLM Top 10CWECVESOC 2HIPAAGDPRPCI-DSS

Scan families

Secrets and exposed credentials
SAST and insecure code paths
Dependency and supply-chain CVEs
Auth, JWT, session and cookie issues
Headers, CORS, CSP, HSTS and rate limits
Deployment, Docker, CI/CD and health checks
Reliability, resilience and observability
Data integrity, API quality and audit trails
Live URL DAST and passive runtime checks

LLM and agent red-team coverage

AI-specific checks are shown separately because they are becoming a buying requirement. nGuard should detect when they apply, run them automatically, and include them in the final scorecard.

Prompt injection and jailbreak attempts
System-prompt and context leakage
RAG and knowledge-base exposure
Tool misuse, goal hijacking and unsafe actions
MCP, agent configuration and permission risks
Cost, iteration and human-approval controls

Run flow

A clear path from target to hardening plan.

The homepage only needs to explain the journey. Deeper engine detail belongs inside the dashboard, run report, and documentation.

Profile the target

nGuard detects the stack, routes, services, auth patterns, live surface, and AI-specific behavior where present.

Run the analysis

Static, runtime, and AI checks run with progress per engine. Partial engine failures are reported instead of hiding uncertainty.

Return the scorecard

The final output is a readiness score, prioritized findings, evidence, and the next actions required before launch.

Evidence

Customers should see exactly why a score changed.

The report is the product moment. It needs to explain risk, proof, and next action without forcing the customer to trust a black-box score.

One report for security, engineering, and customer proof.

Keep the homepage simple; let the report carry the depth. That is where standards, engines, applicable tests, evidence, and fixes should be explored.

File and line references for code findings
Request and response proof for live findings
Severity, category, CWE/CVE and compliance mapping
Fix guidance, generated tests, and exportable reports

Ready to run

Start with the asset you have.

Connect source code for full analysis, or scan a deployed URL first when repo access is not available.

Connect repo Scan live URL