Repoloom is currently in beta. Try it free

Repository Security Scanner

Know what's hiding in your code

Repoloom scans your repositories for CVEs, exposed secrets, and security anti-patterns — before they reach production.

7 days free · No credit card required

  • 31+ SAST rules
  • 12 ecosystems
  • 8 languages
  • 6 scan types

Capabilities

Everything to secure your stack

01. Dependency Scanning

Detect known CVEs across 12 package ecosystems before they become incidents.

02. Secret Detection

Surface exposed API keys, tokens, and credentials hiding in your codebase.

03. Static Analysis

31 rules catch SQL injection, XSS, command injection, and other anti-patterns across 8 languages.

04. EOL Detection

Track end-of-life and deprecated packages so you never ship on abandoned foundations.

How it works

Three steps, under a minute

01. Connect

Link your GitHub account with read-only access. We never write to your repositories.

02. Select

Choose which repositories to monitor. Set custom scan frequency for each.

03. Scan

Get actionable results in seconds, prioritized by severity and exploitability.

Pricing

Start free, scale when ready

Every plan includes a 7-day free trial. No credit card required.

Small: 1 repository, $5/month
  • Dependency scanning
  • Secret detection
  • Basic SAST (5 rules)
  • 5 manual scans/month
  • EOL detection
  • Export reports

Medium (Popular): 5 repositories, $10/month
  • Dependency scanning
  • Secret detection
  • Full SAST (17 rules)
  • 20 manual scans/month
  • EOL detection
  • Export reports

Pro: Unlimited, $20/month
  • Everything in Medium
  • Container scanning
  • 100 manual scans/month
  • Priority support
  • Custom integrations
  • SLA guarantee

Ship with confidence

Know your code is secure — from every dependency to every line.