Corgea

Overview

Corgea is a SAST platform that pairs code vulnerability detection with AI-generated fix suggestions. The Pwnbook integration pulls open findings from Corgea, including which ones have auto-fixes ready, so your team can triage and remediate without switching tools.

Prerequisites

  • A Corgea account
  • A Corgea API token
  • Admin or Owner access in Pwnbook

Setup

1. Generate a Corgea API token

  1. Log in to your Corgea dashboard.
  2. Go to Settings → API Tokens.
  3. Create a new token and copy it.

2. Configure in Pwnbook

  1. Go to Organization Settings → Marketplace → Corgea.
  2. Enter your API Token.
  3. Click Save & Test to verify the connection.

What gets synced

| Data | Description |
| --- | --- |
| SAST findings | Code vulnerabilities with file path and line numbers |
| AI fix availability | Whether Corgea has generated an auto-fix for the finding |
| Severity | Critical, High, Medium, Low |
| Status | Open, fixed, ignored |

Workbench card

The Corgea workbench card shows open findings by severity and how many have AI fixes available — useful for prioritizing quick wins.