Save Time with Brakeman Pro Desktop

No need to switch between a Brakeman report and digging through files in an editor.

Brakeman Pro Desktop presents code and warnings together for fast triage.

With Brakeman Pro Desktop, you can keep track of investigations with per-warning notes, mark warnings as false positives or triaged, and adjust the severity of warnings. Warning information is carried across reports on the same project.

To assist in triaging warnings, you can filter, sort, and search warnings in Brakeman Pro Desktop.

Everything in One Place

Is your hard drive littered with individual reports output by Brakeman OSS?

Brakeman Pro Desktop keeps all your scans over time across any number of projects in one place. Quickly flip through scans and track trends over time.

Expanded Rules, Deeper Analysis

The Brakeman Pro Engine includes new rules and expanded versions of rules/checks from the open source project. Brakeman Pro also enables the creation of custom rules, which can be shared across projects in Brakeman Pro Desktop.

As the Pro Engine evolves, Brakeman Pro is able to find more vulnerabilities while also improving accuracy and reducing false positives.

Enhanced Information

Brakeman Pro generates more detailed, enhanced descriptions for each warning. The enhanced descriptions are tuned to the actual code that produced the warning.

In Brakeman Pro Desktop, the filter chain view helps explore where filters are applied or missing. This is useful for verifying action-level authorization.

Test Integration

Brakeman Pro Engine includes RSpec/Minitest integration.

With Brakeman Pro, it is trivial to automate Brakeman scans just by adding a few lines of code to your regular automated tests.


The Brakeman Pro Engine gem can be used by most teams as a drop-in replacement for Brakeman OSS.

Brakeman Pro Desktop can also import false positive information from Brakeman OSS ignore files and export false positive information for use with the Engine gem.

Commercial Support

While best efforts are made to answer issues in the open source Brakeman project, our Pro customers have much higher priority.

All Brakeman Pro licenses include email support. Scheduled phone support is available.

With Brakeman Pro we can also sign those license agreements legal and procurement teams love so much!

Brakeman Pro vs. Open Source

Feature Brakeman OSS Brakeman Pro Engine Brakeman Pro Desktop
Fast source code security scans
Zero configuration required
Detects 20+ vulnerability types
Run at any point in development
Rails data flow analysis
JSON reports
False positive management
Command line interface
Minitest/RSpec Integration
Graphical desktop interface
Manage all reports in one place
Filter, sort, and search warnings
Track validated warnings
Create custom rules
Quickly explore action filters
Extended warning explanations
Syntax-highlighted code views
Store notes per warning
Analysis of view helpers
Extended interprocedural analysis
Render path navigation
Detect unquoted attributes in views
Detect disabled SSL verification with popular gems
Detect dynamic evaluation
Detect use of basic authentication
Check Devise configuration best practices
Warn on missing filter actions
Detect cookies missing `httponly`
Parallel file parsing
PDF reports
Excel (XLSX) reports
OWASP Top 10 mapping
Secure Code Warrior integration
Commercial support

Want to Know More About Brakeman Pro?

Contact us