Assembla acquires Cornerstone - The #1 MacOS client for Subversion. Learn more.

Static Code Analysis for your Enterprise

Identify vulnerabilities in proprietary and open source code before your applications are deployed with Assembla Static Analysis.

Assembla version control technology

Is Your Source Code Safe?

The enormous costs associated with data breaches can be prevented by performing security assessments before your applications are built and deployed. The average total cost of a data breach is $3.62 million, yet not enough companies are scanning their code for vulnerabilities.

Read the article on


Shift Left: Source Code Security

Every year, companies release new software and are surprised by a zero day attack. When teams address security vulnerabilities at the source code level, it can prevent attacks like this from happening. At Assembla, we offer an automated vulnerability scan, seamlessly integrated with your SDLC.

Shift Left: Source Code Security
Automated Vulnerability Scanning

Automated Vulnerability Scanning

Simple open source dependency scans are important, but aren't enough to prevent a breach - 75% of breaches reported in 2017 were caused by developers inserting secret keys and passwords directly into source code. Assembla is committed to delivering a suite of automated scans that detect a range of real threats, from open source dependencies to secret keys, passwords and more.

Assembla Static Analysis supports most languages for desktop, web and mobile applications.

Java , .NET , JavaScript (including AngularJS, Node.js, and jQuery), Python, Perl, PHP, Ruby on Rails, iOS (Objective-C and Swift), Android (Java), PhoneGap, Cordova, Titanium, Xamarin, C/C++ (Windows, RedHat Linux, OpenSUSE, Solaris), COBOL, RPG, Visual Basic 6

Assembla Static Analysis supports most languages for desktop, web and mobile applications.

Assembla's Innovative Security Has Years of Proven Experience

Privacy shield

Assembla is also fully certified on PrivacyShield. The full report is available on request.

PCI DSS logo

We are Level 3 PCI certified and partner with Level 1 provider Chargify to process transactions. Download our PCI DSS certificate here.

Aicpa logo

Our security controls are audited each year, following the AICPA SSAE-16 SOC 2 guidelines for the Security and Availability principles. The full report is available on request.

All Assembla Cloud Services follow DevOps principles and are using automated, continuous deployment for all application code.

Download the Free Whitepaper

How Assembla Approaches Security

Managed Private Cloud

Assembla offers multiple infrastructure design options including managed private cloud. Global deployment options with multi-node infrastructure in North America, EMEA and APAC. Can be customized to meet unique compliance security and SLA requirements up to 99.99%.

Managed private cloud

Our Security Roadmap

Assembla is fully committed to GPDR and HIPAA compliance in 2018.

hipaa gdpr

Ready to get started with Enterprise Cloud Version Control?