// why we built this

Stop merging things nobody actually reviewed.

Every diff has two ways to fail in production. It can ship a vulnerability — and it can ship a quality regression: sloppy error handling, an architecture bypass, a missing test, a thing the team agreed not to do six months ago and forgot. CodeGuards is two reviewers that show up on every diff, every time: Security scans for vulnerabilities, and Code review for quality, naming, tests, and architecture-boundary bypasses. One workspace, one Stripe invoice, one audit trail.

It is not a coding assistant. Coding assistants help engineers write more code, faster. CodeGuards is the part that's missing on the other side: the reviewer that reads what was written, before it merges. Different job, opposite goal — and the one that's been quietly absent from the AI tooling boom.

Generic checks miss repository-specific mistakes

// traditional tools

Signatures & generic rules

approach: Signatures and predefined rules
scope: Generic scans across the tree
noise: Repeated false positives until someone tunes

// codeguards

Repository-aware review

memory: Repository memory per connected repo
context: Context awareness on the diff being shipped
reasoning: Historical reasoning — fixes, suppressions, conventions
output: Repository-specific review, low noise

Teams stop explaining: "we do this here because…" — once per repo, with a note in the audit trail.

This isn't another coding assistant. This is the reviewer.

Coding assistants got most of the AI-tooling budget for the last two years — for good reason: they make individual engineers faster. But none of them read what was written and decide whether it should ship. That job stayed with humans, who do it last, in a hurry, after the change has dragged through three rebases. CodeGuards is the reviewer that took that job — not faster typing, but better gating.

// AI coding assistant

Helps you write code

When it runs: While the engineer is typing.
What it optimises for: Speed of writing — fewer keystrokes, fewer context switches.
Who benefits: The individual engineer, on their own keyboard.
Risk it leaves on the table: Vulnerabilities, architecture drift, missing tests, sloppy error handling — same as before. The bot was the optimist; nobody got more skeptical.
Audit posture it produces: None. It doesn't keep a record of decisions.

// codeguards · reviewer

Decides if your code should ship

When it runs: On every push, every MR / PR — after the code was written, before merge.
What it optimises for: Quality of what merges — caught vulnerabilities, caught architecture bypasses, caught regressions.
Who benefits: The team — fewer prod incidents, less drift, less audit-prep scramble.
Risk it removes: Both vulnerability risk (Security scans) and quality / architecture risk (Code review). The two failure modes that ship to prod through the diff.
Audit posture it produces: Timestamped, per-change record of who reviewed what, who accepted what, with reason — SOC 2, ISO 27001, PCI-DSS evidence as a side effect.

The two are complementary, not competitors. Keep your assistant for writing speed. Add the reviewer for what merges. The cost of not having the reviewer shows up later — usually in a Sunday-night incident, or four weeks before an audit.

What changes for the business

These are the line items engineering leadership and finance actually look at once both pipelines have run on every PR for a few weeks. We're not going to invent precision we don't have — these are the directional outcomes teams report after rolling CodeGuards across a workspace, with numbers they measured themselves, not ones we supplied.

// engineering leadership

Less human PR-review time per MR

The bot handles the boilerplate review pass — style, missing tests, the obvious architecture bypass — so humans focus on intent.

≈ 30–50% less time

// security / appsec

Findings shift left, before merge

Vulnerabilities surface on the diff that introduces them, not in next quarter's whole-tree report. Mean time to acknowledge drops from weeks to hours.

~ same-day acknowledge

// audit / compliance

SOC 2 / ISO change-management evidence is just there

Per-change, per-product timestamped record. The week-before-the-audit scramble to assemble months of review history stops being a thing.

audit-ready by default

// finance / cto

One invoice replaces two or three vendors

Bundle: €289/mo + €0.75 per combined run (security + review on the same diff). No seat fees, no per-repo upcharge. Predictable line item finance can cap from workspace settings.

one Stripe line, no surprise

What breaks in the usual process

Both halves of "is this diff safe to merge?" fail in their own way today. Almost every team we've talked to has lived all of these:

  • Manual code review quality changes with time pressure and reviewer fatigue. The 5th MR of the day gets a thumbs-up where the 1st got three rounds. Architecture concerns lose. Tests-not-added concerns lose. By Friday, almost everything ships unchallenged.
  • Whole-tree rule engines surface the entire codebase backlog every time, so the relevant 2 findings are buried under 200 historical ones. Most teams run them quarterly, which is the same as not at all for a change shipped on Tuesday.
  • Style / quality bots spam every PR with the same nitpicks until the team mutes them — taking the actually-useful comments down with them. By month two the bot is a cron job nobody reads.
  • Architecture decisions live in a Confluence page nobody opens. The bypass merges because no one remembered the rule. Six months later there are eleven such bypasses and the rule is effectively dead — not because anyone disagreed with it, but because nothing was checking it.
  • AI coding assistants made all of this faster — more code, written quicker, by the same number of engineers — but didn't add a second pair of eyes on the result. The bot was the optimist; nobody got more skeptical. That's the gap CodeGuards fills.

Two reviewers, one workspace

CodeGuards splits review into two products that share infrastructure but answer different questions. Run one, run both, toggle them per-repo. Same dashboard, same Stripe invoice, same audit-grade record on every run.

Security scans

Will this change ship a vulnerability?

Reasoning across files, not regex. Knows your framework, surrounding code, and the patterns your team has already accepted as fine. Verdict gates CI; finding posts on the diff.

Code review

Will this change drift the codebase?

Style, naming, error handling, missing tests, architecture-boundary bypasses. Inline remarks on the diff line, with a "Suppress" chip for false positives. Auto-resolves in GitLab when your team agrees.

The policies the bot enforces are yours

A bot that ships with one opinionated rulebook and no way to bend it is a bot you'll mute by week three. CodeGuards is the opposite: every policy that decides what gets flagged, what stays silent, and what gets gated lives in your workspace, in your repo, and is editable by your team — not us.

Architecture policy · code review

Per-repo rulebook (.codeguards/review.yml) declares your bounded contexts, layered dependencies, naming conventions, and the things you actually enforce in PR review today.

The bot reads it on every PR and flags the diff that crosses the rule — with a one-line citation of which rule fired, not a generic SOLID lecture.

Suppression policy · both products

One click on the "Suppress" chip with a one-line reason, and the same fingerprint stops surfacing on this repo — for both exact matches and category-path neighbours, so a rephrased AI output still hits the same rule.

Per-repo, per-fingerprint, with author and timestamp in the audit trail. Reviewable later, never lost in chat.
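How the architecture-policy check and the fingerprint suppression described above can fit together, as an added Python illustration that is not CodeGuards' code. The rulebook dict, the fingerprint format (rule id + path, with a "category/*" neighbour), and the sample diff are constructed assumptions, not the real .codeguards/review.yml schema.

```python
import re
# Hypothetical rulebook (not the real .codeguards/review.yml schema): "layer" is the path
# prefix a rule protects, "forbidden" what an added line in that layer may not contain.
RULES = [
    {"id": "layers/controllers-no-eloquent", "layer": "app/Http/Controllers/",
     "forbidden": r"^\+\s*use\s+(App\\Models\\|Illuminate\\Database\\Eloquent)"},
    {"id": "naming/no-manager-suffix", "layer": "app/",
     "forbidden": r"^\+\s*class\s+\w+Manager\b"},
]

def fingerprint(rule_id, path):
    return f"{rule_id}@{path}"  # assumed fingerprint format: rule id + file path

def suppression_for(rule_id, path, suppressions):
    # Exact fingerprint first, then the category-path neighbour ("layers/*@path").
    neighbour = fingerprint(rule_id.split("/", 1)[0] + "/*", path)
    return suppressions.get(fingerprint(rule_id, path), suppressions.get(neighbour))

def review_diff(diff, rules=RULES, suppressions=None):
    # Checks only added lines; returns (findings=(path, line, rule id), suppressed=(fingerprint, reason)).
    suppressions, findings, suppressed = suppressions or {}, [], []
    path, line_no = None, 0
    for raw in diff.splitlines():
        hunk = re.match(r"^@@ -\d+(?:,\d+)? \+(\d+)", raw)
        if raw.startswith("+++ "):
            path = raw[4:].removeprefix("b/")
        elif hunk:
            line_no = int(hunk.group(1))  # first new-file line of this hunk
        elif not raw.startswith("-"):  # removed lines and '---' headers vanish after merge
            if raw.startswith("+") and path:
                for rule in rules:
                    if path.startswith(rule["layer"]) and re.search(rule["forbidden"], raw):
                        reason = suppression_for(rule["id"], path, suppressions)
                        if reason is None:
                            findings.append((path, line_no, rule["id"]))
                        else:
                            suppressed.append((fingerprint(rule["id"], path), reason))
            line_no += 1  # context and added lines both advance the new-file line number
    return findings, suppressed

# Constructed sample diff (hunks only): a controller importing a model, plus a new *Manager class.
SAMPLE_DIFF = r"""+++ b/app/Http/Controllers/OrderController.php
@@ -3,1 +3,2 @@
 namespace App\Http\Controllers;
+use App\Models\Order;
+++ b/app/Services/OrderManager.php
@@ -0,0 +1 @@
+class OrderManager {}
"""
```

Each finding carries the rule id as its one-line citation, and a suppressed finding is kept with its reason rather than dropped, which is what makes the decision reviewable later.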

Severity & tone policy · per repo

Three knobs per product: review style (chill / balanced / strict), minimum severity floor, tone (professional / friendly / blunt).

Set the docs repo to chill + low and the payments service to strict + critical. Same workspace, two policies.

One workspace beats two invoices

The other reason teams give up on PR-review tooling is operational, not technical: a security tool sits next to a code-quality tool, next to a separate SAST product — three vendors, three dashboards, three audit trails, three Stripe invoices, three sets of suppressions that don't talk to each other. CodeGuards is one workspace, one billing meter, one record. The commercial policy is set up to push you toward the bundle on purpose, because that's the deployment that makes both products work better:

Commercial policy, in one table

Each product is full-priced on its own — flat base plus €0.50 per completed run. Take both as the bundle and we replace the two bases with one discounted one (saves €89/mo) and bill a "combined run" — both pipelines firing on the same diff — at €0.75 instead of 2 × €0.50. So every PR that gets both reviews saves you €0.25 over running them as separate products.

No seat fees, no per-repo upcharge, no enterprise-quote-required to find out what something costs. Failed runs are never billed. Cap monthly spend per meter from workspace settings.

Full details, FAQ, and the volume tier on the pricing page.

Plan                  Base                       Per run
Security scans only   €189 / mo                  €0.50
Code review only      €189 / mo                  €0.50
Bundle (both)         €289 / mo (save €89/mo)    €0.75 / combined run (vs. 2 × €0.50)

What CodeGuards is designed to do

  • Look at the actual change, not a giant backlog of historical noise. Both products work on the diff — not on the entire codebase every time.
  • Keep findings and remarks close to the merge request so teams can act in the same window. Security scans post a verdict and inline notes; Code review posts one inline thread per remark.
  • Learn from each repo. Mark a finding or a remark as accepted once with a short note — the same pattern stops surfacing on future runs of that repo, for both exact matches and category-path neighbours.
  • Hold an opinion about your codebase's architecture. The Code review pipeline reads .codeguards/review.yml from your repo — bounded contexts, layered dependencies, "controllers don't talk to Eloquent" — and flags the bypass when someone reaches across.
  • Auto-resolve the GitLab discussion when the team agrees a remark is fine. No dead "resolved" threads, no scrolling past the bot to find a human review.
  • Give engineering leadership a dashboard and report layer they can actually read — both pipelines side-by-side, same shape on both.
  • Make security and quality review part of the delivery flow instead of separate ceremonies — and bill it on one invoice, not three.

What good looks like

Developers get fast, on-the-diff feedback — security and quality, in the same MR thread, before a human reviewer opens it. Tech leads see which projects introduce the most risk and which drift the most off the agreed architecture. Leadership gets a clearer view of exposure over time. The product keeps moving without pretending security or code quality is somebody else's problem.

And when audit season hits

Same paper trail on both products. Every scan and every review persists a timestamped record — what was checked, the verdict, the findings, the acceptance notes with author and reason.

That lines up with SOC 2 CC7.1 / CC8.1, ISO 27001 A.14.2, and PCI-DSS 6.3. CodeGuards is not a certification, but you skip the scramble to assemble months of review history by hand the week before the walk-through. The audit evidence is the same shape whether the question is "did anyone look at this for vulnerabilities?" or "did anyone push back on the architecture choice here?".

Use it where the risk shows up first: in the diff. Both products on, one workspace, 14-day free trial. That's the entire point of CodeGuards.