Terms of Service

Last updated: June 24, 2026

These are the terms under which you can use Cortex. Please read them. If you disagree with any part, do not use the service.

1. Who We Are

Cortex is an AI-powered security auditing service built and operated by Hamza Hafeez Bhatti, based in Lahore, Pakistan. The service is available at cortex-edr.com and app.cortex-edr.com.

When these terms refer to "Cortex," "we," "us," or "our," they mean the operator above.

2. What the Service Does

Cortex connects to GitHub repositories you provide, scans the code using a multi-agent AI pipeline, and generates a security audit report. The service also includes a conversational AI interface (Cortex Chat) that can answer questions about your codebase and audit results.

Cortex is a code analysis tool — it is not a substitute for professional security advice, a penetration test, or a security certification. Findings are generated by AI and may contain errors, false positives, or omissions.

3. Accounts

You must create an account to use the service. You are responsible for:

  • Keeping your password secure.
  • All activity that happens under your account.
  • Ensuring the email address on your account is accurate and accessible.

If you suspect unauthorized access, notify us immediately at cortexedr@gmail.com. We are not liable for losses caused by unauthorized use of your account if you failed to secure it.

4. What You Can and Cannot Do

You can:

  • Use Cortex to audit repositories you own or have explicit permission to scan.
  • Share audit reports with your team or clients.
  • Use the output to improve the security of your code.

You cannot:

  • Use Cortex to audit repositories you do not own or have no authorization to access.
  • Attempt to reverse-engineer, scrape, or extract underlying AI models or pipelines.
  • Resell or white-label the service without a written agreement.
  • Abuse the service in ways that damage infrastructure or other users.
  • Use the service for any illegal purpose.

5. Plans and Billing

Cortex offers a free tier with a limited number of scans per month, and paid plans with higher limits. Paid plans are billed monthly through Paddle, our payment processor.

Subscriptions automatically renew unless you cancel before the next billing date. You can cancel anytime from your account settings. Cancellation stops future charges; we do not issue refunds for partial billing periods unless required by applicable law.

If a payment fails, we may downgrade your account to the free tier until payment is resolved. Prices are listed in USD and may change. If we increase the price of your active plan, we will notify you at least 30 days in advance.

6. Your Code and Data

You own your code. We do not claim any ownership over repositories you submit for analysis.

By submitting a repository, you grant Cortex a limited, temporary license to access and process its contents for the purpose of generating a security report. We do not use your code to train AI models, sell it, or share it with third parties beyond what is required to run the service (e.g., passing relevant code snippets to an AI API to produce an analysis).

Audit results and chat history are stored in your account and are accessible to you. See our Privacy Policy for full details on how we handle your data.

7. Accuracy of Results

AI-generated security findings are not guaranteed to be accurate, complete, or free of false positives. Cortex is a tool to assist in identifying potential issues — not a final authority on the security posture of your application.

Always validate findings before acting on them, particularly before disclosing vulnerabilities or making significant architectural changes. We are not responsible for decisions you make based on audit results.

8. Uptime and Availability

We aim to keep Cortex available and running, but we do not guarantee 100% uptime. The service may be unavailable during maintenance, updates, or unforeseen outages. We will make reasonable efforts to notify users of planned downtime.

9. Termination

You can close your account at any time. We will delete your account and associated data upon request, subject to our data retention obligations.

We may suspend or terminate your account if you violate these terms, without prior notice in cases of serious or ongoing violations. If we terminate your account for reasons other than a violation, we will notify you and, where applicable, provide a prorated refund.

10. Limitation of Liability

To the fullest extent permitted by law, Cortex is provided "as is." We are not liable for any indirect, incidental, or consequential damages arising from your use of the service, including but not limited to data loss, security breaches in your application, or lost revenue.

Our total liability for any claim related to the service is limited to the amount you paid us in the three months preceding the claim.

11. Changes to These Terms

We may update these terms from time to time. If we make material changes, we will notify you by email or a prominent notice in the app at least 14 days before the changes take effect. Continued use of the service after changes take effect constitutes acceptance of the new terms.

12. Governing Law

These terms are governed by the laws of Pakistan. Disputes arising from these terms will be resolved in the courts of Lahore, Pakistan, unless local consumer protection laws in your country require otherwise.

13. Contact

For questions about these terms, reach us at:

Email: cortexedr@gmail.com

Operator: Hamza Hafeez