Overview
Kolega.dev is an autonomous security remediation platform that connects to your GitHub repositories via GitHub App. It detects vulnerabilities through traditional and AI-powered scans, generates context-aware fixes, tests them in isolated environments, and creates production-ready pull requests automatically.
How It Works
Kolega runs security scans on a scheduled basis (frequency depends on your tier). When vulnerabilities are detected, the platform analyzes your codebase to understand the context, generates appropriate fixes, and submits them as pull requests after verifying they don't break existing functionality.
Core Capabilities
Detection
Runs traditional scanners (SAST, SCA, Secret Detection) alongside AI-powered deep scans to identify security and quality issues.
Remediation
Generates code fixes tailored to your codebase with explanations of what changed and why.
Testing
Runs existing tests and generates new tests in an isolated sandbox environment to verify fixes before creating pull requests.
Grouping
Groups similar vulnerabilities together and resolves them in unified pull requests to reduce review overhead.
The Remediation Loop
Kolega operates asynchronously while providing comprehensive security coverage:
Ingest
GitHub webhook triggers on push or pull_request events. Scans run automatically on a schedule based on your tier.
Scan
The codebase is analyzed using traditional scanners (SAST, SCA, Secrets) and AI-powered deep scans. Results are processed to eliminate duplicates and false positives.
Synthesis
An AI agent generates context-aware patches with natural language explanations, drawing on an understanding of your codebase architecture and security posture.
Verify
Fixes are applied in an isolated sandbox environment. Existing tests run alongside newly generated tests to ensure nothing breaks.
Action
A pull request is created with the fix, tests, and documentation updates. It can be auto-merged based on your configured confidence policies.
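To make the Ingest and Scan steps of the loop concrete, here is an added Python example (not Kolega's own code) of the two pieces a webhook-driven remediation pipeline needs first: an ingest gate that accepts only signed push or pull_request deliveries, and a result-processing stage that collapses the same issue reported by two scanners into one finding and groups findings by rule for a unified pull request. The webhook secret, the fingerprint scheme (rule plus file and line), and the sample findings are all constructed for illustration; only the trigger events come from the page.

```python
import hashlib
import hmac
from collections import defaultdict

# Constructed value: the shared secret configured on the GitHub App's webhook.
WEBHOOK_SECRET = b"example-webhook-secret-not-real"

# The page names push and pull_request as the events that start a scan.
TRIGGER_EVENTS = {"push", "pull_request"}


def sign(secret: bytes, body: bytes) -> str:
    """Build the value GitHub sends in X-Hub-Signature-256: HMAC-SHA256 over the raw body."""
    return "sha256=" + hmac.new(secret, body, hashlib.sha256).hexdigest()


def verify_signature(secret: bytes, body: bytes, header_value) -> bool:
    """Constant-time check of the delivery signature; unsigned or mis-signed deliveries are rejected."""
    if not header_value or not header_value.startswith("sha256="):
        return False
    return hmac.compare_digest(sign(secret, body), header_value)


def should_scan(event: str, body: bytes, header_value, secret: bytes = WEBHOOK_SECRET) -> bool:
    """Ingest decision: only an authenticated push or pull_request delivery triggers a scan."""
    return event in TRIGGER_EVENTS and verify_signature(secret, body, header_value)


def fingerprint(finding: dict) -> str:
    """Scanner-independent identity of a finding (rule + location), so two tools
    reporting the same issue collapse into one record. Assumed scheme, not Kolega's."""
    key = f"{finding['rule']}|{finding['file']}|{finding['line']}"
    return hashlib.sha256(key.encode()).hexdigest()[:16]


def dedupe(findings: list) -> list:
    """Keep the first finding seen per fingerprint; later duplicates from other scanners are dropped."""
    unique = {}
    for f in findings:
        unique.setdefault(fingerprint(f), f)
    return list(unique.values())


def group_for_prs(findings: list) -> dict:
    """Group unique findings by rule so similar vulnerabilities are fixed in one unified PR."""
    groups = defaultdict(list)
    for f in findings:
        groups[f["rule"]].append(f)
    return dict(groups)


# Constructed sample: two scanners flag the same hardcoded secret, plus two other findings.
SAMPLE_FINDINGS = [
    {"scanner": "sast", "rule": "hardcoded-secret", "file": "src/config.py", "line": 12},
    {"scanner": "secrets", "rule": "hardcoded-secret", "file": "src/config.py", "line": 12},
    {"scanner": "sast", "rule": "hardcoded-secret", "file": "src/db.py", "line": 40},
    {"scanner": "sca", "rule": "vulnerable-dependency", "file": "requirements.txt", "line": 3},
]


def run_pipeline(event, body, header_value, findings, secret=WEBHOOK_SECRET):
    """Ingest gate followed by dedupe and grouping; returns None when the delivery is not trusted."""
    if not should_scan(event, body, header_value, secret):
        return None
    return group_for_prs(dedupe(findings))


if __name__ == "__main__":
    body = b'{"ref": "refs/heads/main"}'
    groups = run_pipeline("push", body, sign(WEBHOOK_SECRET, body), SAMPLE_FINDINGS)
    for rule, items in groups.items():
        print(f"{rule}: {len(items)} finding(s) -> one PR")
```

Running the module shows the four sample findings reduced to three and split into two PR groups. The signature check uses hmac.compare_digest rather than == so that a forged delivery cannot be distinguished by timing, and it fails closed when the header is missing.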