Secure Your Code at the Source With Puma Scan


Puma Scan is a software security analyzer that provides real time, continuous source code analysis for C# applications. With Puma Scan, vulnerabilities are displayed immediately in the development environment and appear as spell check and compiler warnings.

Learn more


Scans Your Code

With Puma Scan, you work and code as normal, while the integrated Puma Scan security rules silently search for security vulnerabilities and alert you if any are found.

Identifies Security Vulnerabilities

Security analyzers run on code files as the compiler parses syntax nodes, trees, symbols, code blocks, or semantic models. Identified vulnerabilities are tagged in the source code location by Visual Studio.

Secure Coding Fixes

Over 55+ documented vulnerabilities to reference and common secure fixes for them. Rule categories include; Configuration, Cross-Site Scripting, Cryptography, Insecure Deserialization, Injection, Password Management and Validation.

Puma Scan Professional Editions

End User License

One individual license on up to three machines is provided.

Puma Scan Pro offers 55+ Security Rules and fewer false positives

than the open source edition. It includes configurable settings

and more.

Server License

With all of the benefits of the end-user license the server

license is built specifically for your server. This edition

includes one build server license, with the option to add

additional server agents. It also includes the ability to export

results to HTML, JSON, MSBUILD and more.

Enterprise License

For large .NET development teams, we offer custom builds for

the amount of servers your project team size requires.

We will review the scope of your request and provide a

custom quote to fit your needs.

Download a Trial Today! 30-Day Trial

Resources and FAQ's


Our backgrounds guided us to where we are today. From our start with secure coding in .NET, to nearly 30 combined years in the developer and security community, we understand the importance of including security measures through all parts of the SDLC and DevOps processes.
Eric Johnson Headshot Puma Scan

Eric Johnson

Principal Security Engineer

Eric's extensive experience includes application security automation, cloud security reviews, static source code analysis, penetration testing, SDLC consulting, and secure code review assessments.

Eric Mead Headshot Puma Scan

Eric Mead

Principal Security Engineer

Eric has 15+ years in software development. His primary focus is the .NET framework, however, Eric has a considerable amount of experience in front end frameworks such as Angular and React.

Brooke Johnson Headshot Puma Scan

Brooke Johnson

Managing Director - Client Engagement

Brooke is responsible for driving business development and the continuous improvement of client experience. Prior to this role, she worked at Caesars Entertainment for over 11 years.