What programming languages does Cloud Reviewer support for SAST?

Cloud Reviewer supports a broad range of languages including Java, JavaScript, TypeScript, Python, Go, C/C++, C#, PHP, Ruby, and Kotlin. The scanner runs on the same engine across all deployment models — Desktop, Docker, Kubernetes, and Cloud.

Does Cloud Reviewer integrate with CI/CD pipelines?

Yes. Cloud Reviewer integrates natively with GitHub Actions, GitLab CI, Jenkins, and other popular CI/CD platforms. The Docker and Kubernetes editions are designed for pipeline-native execution, producing results in SARIF and JSON formats.

What deployment models are available?

Cloud Reviewer is available in four deployment motions: Desktop (local CLI), Docker (containerised scans), Kubernetes (cluster-native via Helm), and Cloud (managed SaaS with no infrastructure to operate). All four run the same SAST, SCA, and DAST engine.

Is there a free trial and how is pricing structured?

Cloud Reviewer offers a free tier for individual use. Paid SaaS plans are available at buy.cloudreviewer.net with transparent per-seat pricing and no hidden fees. Self-hosted editions (Desktop, Docker, Kubernetes) are sold through resellers — contact partners@cloudreviewer.net for a quote.

cloudreviewer

Security software that provides simplicity and automation.

Cloud Reviewer, built around four commercial deployment products — Desktop, Docker, Kubernetes, and Cloud — with a simple pricing flow.

Start free See pricing

85+active scan engines

5scan depth levels

20concurrent tests per user supported

4deployment models

SASTSCA + SBOMDASTASPM Prioritization

Prioritization funnelTotal → CVSS → Reachable → Exploitable → Impact

Top CWEMost frequent weakness

IntegrationsRepo → CI → Registry → K8s

Ready

CoverageSAST / SCA / DAST

SASTSCADASTSBOM

Live posture SBOM exports TRAPI system-of-record Dojo via proxy

SAST · SCA · DAST · MAST · ASPM · XDRLight / Standard / Deep / AI-Based scan modesCVSS scoring & CWE classificationAged findings & historical progress trackingMulti-product unified dashboardGitHub / GitLab / IDE integrationCustom reporting exports4 deployment models — Desktop · Docker · Kubernetes · CloudSAST · SCA · DAST · MAST · ASPM · XDRLight / Standard / Deep / AI-Based scan modesCVSS scoring & CWE classificationAged findings & historical progress trackingMulti-product unified dashboardGitHub / GitLab / IDE integrationCustom reporting exports4 deployment models — Desktop · Docker · Kubernetes · Cloud

Product architecture

The same core engine in four distinct deployment motions

Cloud Reviewer is designed to stop treating a Security platform as a single abstract product. You can now understand which operating model fits your team(s) immediately.

managed-saas

Cloud

Fully managed SaaS for application security posture

Cloud Reviewer brings managed, multi-tenant application security together with SAST, SCA, DAST, MAST, XDR, ASPM and broad DevOps integrations in a service-led operating model.

Managed multi-tenant SaaS experience

Broad analysis coverage with reporting exports

Built for enterprise and institutional buying motions

Explore Cloud

SAST + SCA + DAST + MAST + XDR

ASPM correlation

Managed operations

Expected outcomes

Faster adoption

Lower ops overhead

Cleaner executive visibility

Platform coverage

One platform, multiple lenses of application security

SAST

Source-code analysis with blocker/critical/major severity triage, CVSS scoring, aged-findings tracking, and historical progress charts — covering all major languages and frameworks.

SCA

Dependency scanning with Critical/High/Medium/Low severity breakdown, CVSS distribution, and Top-5 aged-findings tracking for open-source and third-party libraries.

DAST

Black-box and white-box dynamic testing with four depth levels — Light, Standard, Deep, and AI-Based — supporting direct connection and API scan modes.

MAST

Mobile analysis support for teams extending posture management across iOS and Android app estates.

ASPM

Risk management with CWE/CVSS classification, priority management, reachability, exploitability, business impact and cross-product posture correlation in one dashboard.

XDR

Extended cyber-protection context layered over SAST/SCA/DAST signals to reduce false urgency and focus remediation effort on what materially matters.

Workflow

From alert to remediation without losing the direction

Connect

Onboard repositories, folders, images, or running applications with the deployment model that suits your policy constraints.

Analyze

Run SAST, SCA, DAST, MAST, container, and posture workflows with a consistent operating experience.

Prioritize

Layer exploitability, business impact, technical debt, and ownership to cut through alert volume.

Remediate

Route issues to the right teams with enough context to fix faster and prove progress over time.

Deployment matrix

Choose the solution that fits

CapabilityDesktopDockerKubernetesCloud

Best fitSensitive codebases and consultantsCI/CD and reproducible deliveryPlatform teams and multi-tenant opsFastest time-to-value SaaS

Hosting modelEndpoint + dashboard flowSelf-hosted container runtimeSelf-hosted clusterManaged multi-tenant service

Operational effortLowMediumHighLowest

Security posture viewProject-centricPipeline-centricTenant + service-centricExecutive + team-centric

Buying motionPilot / specialistPlatform adoptionEnterprise rolloutSubscription-led

Clear pricing

No hidden clauses, ready for checkout

Check our pricing service, it handles SaaS plan comparison and international payment platform.

Free€01 public repository, community support

Pay-per-Use€199per analysis

Standard€29910 users / month, 30 scans / year

Professional€54910 users / month, unlimited scans

Developer€59per additional developer / month, min. 10

Best cost / benefits

We offer very competitive prices

Our platform offers an affordable level while maintaining low prices. Highest level results are guaranteed by our Certifications and Partnerships.

Open pricing service