Welcome to the Coana documentation!

Coana offers a vulnerability scanning tool designed to detect vulnerabilities in open-source dependencies. Through advanced static analysis, Coana can determine which vulnerabilities are actually reachable and thus vital to address promptly. It can also identify which vulnerabilities are unreachable, making them safe to ignore.

To scan a project, a Command-Line Interface (CLI) tool is used. Each scan generates a report that can be viewed on the Coana dashboard at (opens in a new tab).

Every report is associated with a specific project. While we recommend dedicating one project to each repository, the organization of your projects is ultimately up to you.

To get started with Coana, you can either use one of the platform-specific guides (GitHub or GitLab) or use the platform-agnostic CLI.