// Security hub
Security Scanning
Run security scans on your code, AI assets, and APIs
AI Security
Popular
MCP Security Scan
Scan MCP server configurations for prompt injection, excessive permissions, and unverified server origins. Mapped to OWASP LLM Top 10 and MITRE ATLAS.
Agent Instructions Scanner
Scan AI agent skill files for prompt injection, obfuscation, and dangerous instructions.
LLM Prompt Security Testing
Test your AI system prompts for prompt injection vulnerabilities, jailbreak susceptibility, and missing guardrails.
System Prompt *
Code Security
Popular
Secrets Detection
Scan your codebase for hardcoded API keys, passwords, private keys, and cloud credentials before they reach production.
AI Code Scanner
Scan AI-generated code for security anti-patterns, missing validation, insecure defaults, and CWE violations. Mapped to OWASP ASVS and LLM06.
Infrastructure
IaC Scanner
Scan Terraform, Kubernetes, Docker, CloudFormation, and Ansible files for security misconfigurations.
Terraform, Kubernetes YAML, Dockerfile, CloudFormation, docker-compose
API Security Scanner
Scan OpenAPI and Swagger specifications for authentication issues, broken authorization, and OWASP API Top 10 vulnerabilities.
Plugin Security Scanner
Scan AI plugin manifests and OpenAPI specs for insecure design, missing auth, and OWASP LLM07 violations.
Import & Analysis
SARIF Import
Import findings from Semgrep, Trivy, GitHub GHAS, Checkov. Findings appear in your dashboard alongside Arcwall native scans.
STRIDE Threat Model
Answer 5 questions about your system or upload an architecture diagram. Get a full STRIDE analysis with security lead workflow.
// Scheduled Scans
Scheduled Scans
Connect GitHub to set up automatic scheduled scans on your repositories. Runs daily, weekly, or monthly — findings land in your dashboard automatically.
Connect GitHub →Recent Scans
Loading...