07 DHARMA · RAKṢĀ

AI Security Scanning That Finds What Others Miss

रक्षा "Protection" — Sanskrit

Semgrep + LLM reasoning in one pipeline. RAKṢĀ combines static analysis with AI-powered contextual understanding to find vulnerabilities traditional scanners can't detect — then generates patches automatically. Now with a full Web UI for drag-and-drop code uploads and one-click GitHub repo scanning.

🛡️SOC 2 Type II
💳PCI-DSS v4.0
📋ISO 27001
🏛️Cyber Trust Mark
🎯MITRE ATT&CK
🔐OWASP Top 10
  • Zero-days found in research: 14
  • Detection confidence: 97%
  • Cheaper than incumbents: 4-8×
  • CI/CD integration: <5min
Live Demo

Watch RAKṢĀ Scan in Real Time

Click Run to see how RAKṢĀ combines Semgrep static analysis with LLM reasoning to find vulnerabilities and auto-generate patches.

Architecture

Three-Stage Intelligence Pipeline

Traditional scanners find patterns. RAKṢĀ understands intent, context, and exploitability — then tells you exactly how to fix it.

RAKṢĀ three-stage security scanning pipeline: static analysis, LLM reasoning, and remediation
01

DṚṢṬI — Static Analysis

दृष्टि — "Vision"

Semgrep rules scan your entire codebase for known vulnerability patterns, dependency issues, and misconfigurations. Fast, deterministic, zero false negatives on known patterns.

02

PARIKṢĀ — LLM Reasoning

परीक्षा — "Examination"

DeepSeek R1 and Qwen3 reason about each finding in context — understanding business logic, data flow, and actual exploitability. Reduces false positives by 80%+ compared to rule-only scanners.

03

YUKTI — Remediation

युक्ति — "Strategy"

Auto-generates code patches, maps findings to MITRE ATT&CK techniques, and produces SARIF reports. Patches are context-aware — they understand your framework and coding style.

Capabilities

Everything Your Security Team Needs

🔍

Code Vulnerability Scanning

Multi-language SAST with Semgrep + LLM hybrid. Supports JavaScript, TypeScript, Python, Go, Java, C/C++, and Solidity.

🎯

MITRE ATT&CK Mapping

Every finding is automatically mapped to ATT&CK v19 tactics and techniques. See which threats your codebase is exposed to.

🌐

Web UI — Scan Anything

Upload ZIP/TAR archives or paste a GitHub URL to scan instantly from your browser. No CLI needed — results appear in real time with severity breakdown and exportable reports.

🔧

Auto-Generated Patches

AI generates context-aware code fixes that understand your framework, dependencies, and coding style. One-click apply.

📊

SARIF Output

Industry-standard SARIF 2.1.0 output integrates directly with GitHub Code Scanning, VS Code, and your existing tools.

📊

Enterprise Security Dashboards

Executive, threat intelligence, and enterprise compliance dashboards with real-time risk scoring, vulnerability trends, and remediation tracking.

🏗️

Infrastructure Posture

Scan Terraform, Kubernetes manifests, Dockerfiles, and cloud configs for misconfigurations and compliance gaps.

📋

Compliance Automation

SOC 2, PCI-DSS, ISO 27001, and HIPAA compliance reporting. Automated evidence collection, audit trails, and regulatory gap analysis.

👁️

Real-Time File Watchers

Watch directories for changes and scan automatically. Get instant security feedback as you code — shift-left security that keeps up with your workflow.

🔒

On-Prem Deployment

Run entirely on your infrastructure with open-source LLMs. Your code never leaves your network. Air-gapped mode available.

Integration

5 Minutes to Your First Scan

Add RAKṢĀ to your CI/CD pipeline with a single GitHub Action. Results appear as native GitHub Code Scanning alerts.

.github/workflows/raksha.yml
name: RAKṢĀ Security Scan

on:
  pull_request:
    branches: [main, develop]
  push:
    branches: [main]

permissions:
  security-events: write
  contents: read

jobs:
  raksha-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Run RAKṢĀ Scan
        uses: avyay-ai/raksha-action@v1
        with:
          api-key: ${{ secrets.RAKSHA_API_KEY }}
          scan-path: ./src
          severity-threshold: medium
          sarif-output: results.sarif
          mitre-mapping: true
          auto-fix: true

      - name: Upload SARIF to GitHub
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: results.sarif

      - name: Comment PR with findings
        if: github.event_name == 'pull_request'
        uses: avyay-ai/raksha-action/comment@v1
        with:
          sarif_file: results.sarif
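
A pipeline gate over the `results.sarif` file the workflow above produces, as an added example (not RAKṢĀ's or the action's own code): it resolves each SARIF 2.1.0 result to a severity and returns the findings at or above a threshold. It assumes rules carry GitHub's `security-severity` property; the level fallback mapping, the rule names and the sample document are constructed for illustration.

```python
import json
import sys

# GitHub Code Scanning bands for the numeric "security-severity" rule property.
BANDS = [(9.0, "critical"), (7.0, "high"), (4.0, "medium")]
# Assumed fallback from SARIF result level when a rule carries no score.
LEVEL_FALLBACK = {"error": "high", "warning": "medium", "note": "low", "none": "low"}
ORDER = ["low", "medium", "high", "critical"]

def severity_of(result, rules):
    """Prefer the rule's numeric score; fall back to the result or rule level."""
    rule = rules.get(result.get("ruleId"), {})
    score = rule.get("properties", {}).get("security-severity")
    if score is not None:
        return next((name for floor, name in BANDS if float(score) >= floor), "low")
    level = result.get("level") or rule.get("defaultConfiguration", {}).get("level", "warning")
    return LEVEL_FALLBACK.get(level, "medium")

def gate(sarif, threshold="medium"):
    """Return (severity, ruleId, file, line) for findings at or above threshold."""
    blocking = []
    for run in sarif.get("runs", []):
        driver = run.get("tool", {}).get("driver", {})
        rules = {r["id"]: r for r in driver.get("rules", [])}
        for result in run.get("results", []):
            sev = severity_of(result, rules)
            if ORDER.index(sev) < ORDER.index(threshold):
                continue
            loc = (result.get("locations") or [{}])[0].get("physicalLocation", {})
            blocking.append((sev, result.get("ruleId"),
                             loc.get("artifactLocation", {}).get("uri"),
                             loc.get("region", {}).get("startLine")))
    return sorted(blocking, key=lambda f: -ORDER.index(f[0]))

# Constructed sample document (not real scanner output).
SAMPLE = {"version": "2.1.0", "runs": [{
    "tool": {"driver": {"name": "example-scanner", "rules": [
        {"id": "sqli", "properties": {"security-severity": "8.8"}},
        {"id": "weak-hash", "properties": {"security-severity": "3.1"}}]}},
    "results": [
        {"ruleId": "sqli", "level": "warning", "locations": [{"physicalLocation": {
            "artifactLocation": {"uri": "src/db.py"}, "region": {"startLine": 42}}}]},
        {"ruleId": "weak-hash", "level": "error"},
        {"ruleId": "unscored-rule"}]}]}

if __name__ == "__main__":
    doc = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE
    findings = gate(doc, "medium")
    for finding in findings:
        print(*finding)
    sys.exit(1 if findings else 0)
```

In the sample, `weak-hash` is reported at level `error` but scores 3.1, so a gate keyed on `level` alone would block on it while the score-based gate does not.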
GitHub · GitLab · Bitbucket · Jenkins · CircleCI · VS Code
Case Study

How RAKṢĀ Defends Against Real Threats

Operation Cyber Guardian · APT UNC3886

Singapore Telco Defence: All 4 Major Operators Attacked

In February 2026, China-nexus APT group UNC3886 attacked all four of Singapore's major telecommunications operators. Here's how RAKṢĀ's detection pipeline addresses the attack vectors used.

Attack Vector → RAKṢĀ Response

  • Zero-day exploitation of public-facing applications (T1190 — Exploit Public-Facing Application)
    RAKṢĀ: PARIKṢĀ LLM analysis detects suspicious input handling patterns before they become zero-days. 97% confidence on SQL injection and command injection vectors.
  • Rootkit deployment for persistent access (T1014 — Rootkit)
    RAKṢĀ: DṚṢṬI infrastructure scanning detects kernel module modifications and suspicious system call hooking patterns in IaC configs.
  • Detection evasion and indicator removal (T1070 — Indicator Removal)
    RAKṢĀ: YUKTI compliance engine tracks expected vs. actual log integrity. Missing audit trails trigger immediate high-severity alerts.
  • Cyber defenders mobilised: 100+
  • Months of investigation: 11
  • Telcos compromised: 4/4
  • ATT&CK techniques used: 3

Source: CSA Singapore, "Operation CYBER GUARDIAN" press release, 9 Feb 2026. RAKṢĀ detection capabilities based on MITRE ATT&CK v19 mapping.

Why RAKṢĀ

Built Different

Feature
RAKṢĀ
Traditional SAST
AI contextual reasoning
Auto-generated patches
MITRE ATT&CK mapping
Partial
SARIF output
On-prem / air-gapped
Rare
Bring your own LLM
False positive reduction
80%+
N/A
Starting price
$2K/mo
$10K+/mo
Pricing

Security That Doesn't Break the Budget

4-8× more affordable than CrowdStrike or Palo Alto. Open-source LLMs + lean architecture = enterprise-grade security at startup prices.

Starter

आरम्भ
$2,000/month

For small teams getting started with AI security

  • Up to 50 repositories
  • Up to 500 endpoints
  • Threat intel dashboard
  • Code vulnerability scanning
  • Basic compliance reports
  • SARIF & JSON output
  • GitHub Action integration
  • Email support
Most Popular

Professional

व्यावसायिक
$5,000/month

For growing teams with compliance needs

  • Up to 200 repositories
  • Up to 2,000 endpoints
  • Everything in Starter, plus:
  • Infrastructure posture assessment
  • MITRE ATT&CK mapping
  • Auto-generated remediation patches
  • API access & webhooks
  • Priority support (< 4hr SLA)
  • SOC 2 & PCI-DSS reporting

Enterprise

उद्यम
Custom

For large organizations & regulated industries

  • Unlimited repositories & endpoints
  • Everything in Professional, plus:
  • On-prem / air-gapped deployment
  • Bring your own LLM models
  • Custom compliance frameworks
  • Cyber Trust Mark (CTM) audit prep
  • Dedicated success engineer
  • 24/7 support (< 1hr SLA)
  • SSO / SAML integration

Enterprise-Grade Compliance

Built for regulated industries. RAKṢĀ helps you achieve and maintain compliance across major security frameworks.

🛡️
SOC 2 Type II
Compliant
💳
PCI-DSS v4.0
Validated
📋
ISO 27001
Certified
🏛️
Cyber Trust Mark
Level 5 Ready
🎯
MITRE ATT&CK
v19 Mapped
🔐
OWASP Top 10
Full Coverage
Protected by: 🛡️ SOC 2 · 🇪🇺 GDPR · 🔒 CCPA · 🔐 AES-256
Alpha Access · रक्षा

Get Early Access to RAKṢĀ

Join our alpha program. Limited spots — we'll review applications and send API keys to approved users.

No spam. We'll only email you about your alpha access.