About
We catch vulnerabilities at push speed.
Right now you can use our free public code scanner — paste a public Git URL and get a SAST, secrets, CVE, and IaC report, no login. We're building the rest: a container-security platform for engineering teams that ship hourly, not quarterly. We were engineers tired of policy meetings; we're building the gate that should have existed already.
What we do
What's live today is the free public code scanner: paste a public Git URL and get a SAST, secrets, CVE, and IaC report in your browser — no account required. It's the same scanning core everything else is built on.
The platform we're building puts that scan between your CI pipeline and your build output. Every artifact gets a fresh scan — CVEs, secrets, license drift, and policy violations — before it ships. Bad artifacts get blocked at the gate; good ones get a signed attestation and a link to the audit log. This, and everything beyond the public scanner, is coming soon and will live behind an account.
We are a thin, fast layer on top of the open-source security ecosystem. What we add is the policy engine, the multi-tenant control plane, the audit log built for SIEM export, and the kind of UI that doesn't make engineers want to disable scanning.
Why we started
Two of our founders ran platform teams at a fintech. One ran container security at a healthcare scale-up. All three had the same complaint: the existing tools were either CVE-only scanners that flooded the dashboard, or policy frameworks so heavy nobody actually adopted them. The gap between "there are CVEs" and "here is the one image to fix and the diff to merge" was the entire job — and nobody was doing it well.
socbox is the gate we wished had existed, and the one we're building: block at push, don't flood the dashboard, and treat compliance as a side effect of doing the right thing instead of a separate project.
How we work
- Operator-grade UX. Every screen is built by someone who's been on-call. No more "404 results across 12 tabs" vulnerability dashboards.
- Open formats first. The platform we're building commits to standard, portable outputs: SBOMs in CycloneDX and SPDX, signed attestations, and audit-log exports in line-delimited JSON suitable for SIEM ingestion. No proprietary lock-in.
- Honest pricing. Today the public scanner is completely free — paste a public Git URL, get a report, no login. When the paid team platform ships we plan to price it per image scan, with no minimum commitment and no "contact sales" gate; Enterprise will be for compliance + multi-tenancy, not a paywall on basic features.
- Self-host friendly. A planned Enterprise tier will let customers run the data plane inside their own infrastructure, so artifact bytes never leave their boundary. Privacy by architecture, not by promise.
Careers
We hire engineers who have been on-call for the systems they build. We don't hire for "leadership" — we hire for judgment. For open roles, email the hiring team; if you don't see your role but think we should know about you, email hello@socbox.cloud with what you'd build.
Contact
- Sales + general: hello@socbox.cloud
- Security: security@socbox.cloud (see disclosure policy)
- Press: press@socbox.cloud