Skip to main content
Vidoc uses AI to find real security vulnerabilities in your code while minimizing false positives.

Context Engine

At the heart of Vidoc is our Context Engine - AI that deeply understands your codebase. Unlike traditional scanners that match patterns, Vidoc’s Context Engine analyzes how your code actually works. This means:
  • Fewer false positives - Findings are validated against your actual code context
  • Finds complex issues - Detects vulnerabilities that pattern matching misses
  • Understands your codebase - Considers your frameworks, libraries, and coding patterns

What Vidoc Detects

Attack Vulnerabilities

Security threats that can be directly exploited:
  • SQL Injection
  • Cross-Site Scripting (XSS)
  • Command Injection
  • Server-Side Request Forgery (SSRF)
  • Path Traversal
  • And more…
See Attack Vulnerabilities for the full list.

Compliance Issues

Security weaknesses and misconfigurations:
  • Hardcoded Secrets
  • Weak Cryptography
  • Insecure Transport
  • Information Disclosure
  • Misconfigurations
See Compliance Issues for the full list.

Learnings

Vidoc gets smarter as you use it. When you mark an issue as a false positive, Vidoc creates a learning that feeds back into the Context Engine.
  • Provide a reason when ignoring issues
  • Learnings apply to future scans automatically
  • Your team’s knowledge improves detection accuracy
See Learnings for more details.

Security & Privacy

  • Your code is encrypted in transit and at rest
  • Code is processed securely and not stored permanently
  • Scan results are retained according to your settings

Security Categories

Full list of detected issues

Learnings

How learnings improve accuracy

Issues

Review scan results

Quickstart

Run your first scan