How do I check my website for security vulnerabilities?

CodeFrog ($99/year) performs multiple layers of security scanning:

  • OWASP Security Scan: Tests for common web vulnerabilities including missing security headers, insecure configurations, and more
  • Secrets Detection (Gitleaks): Scans page source for exposed API keys, tokens, and credentials
  • Supply Chain Vulnerabilities (OSV): Checks dependencies against the Open Source Vulnerability database
  • Static Analysis (Semgrep/OpenGrep): Identifies code-level security issues

All scanning runs locally on your machine — your site data never leaves your computer. No per-scan fees or usage limits.