bytetr.com

What Is It

Remedify SAST is a modern static application security testing platform launched by Turkey-based Byte Bilgisayar. It is positioned as an “AI-supported, 100% On-Premise” code security product. Designed for enterprise source code scanning and application security testing, it emphasizes keeping code within the organization’s own environment, while using Taint Analysis to trace real data flows from source to sink in order to identify risks such as SQL injection, XSS, and command injection.

Core Capabilities

In terms of protection type, it is a SAST/source code analysis platform offering 150+ security rules, support for 10+ programming languages, and mapping of findings to OWASP Top 10 and CWE. On the management side, it provides a centralized Dashboard, project/scan/vulnerability management, automated scheduling, real-time statistics, severity classification, and fingerprint-based deduplication, as well as tracking for new, duplicate, and fixed vulnerabilities. AI false-positive filtering is one of its key selling points, aiming to reduce the noise commonly associated with traditional SAST tools.

Deployment and Integration

Deployment is its main differentiator: the page explicitly claims 100% On-Premise operation, with source code never leaving the enterprise environment. It also mentions TLS, hardware ID licensing, and systemd deployment, making it suitable for closed networks. Its integration capabilities are fairly comprehensive, with support for GitLab, GitHub, Azure DevOps, and Jira, plus CLI and API access for inclusion in CI/CD pipelines. It also supports incremental scanning, PR/MR scanning, and JSON/SARIF export, making it easier to connect with vulnerability management or ASPM tools.

Pricing and Limitations

Pricing is not publicly disclosed and is only available via a Demo or by contacting sales. The page also does not disclose compliance certifications such as SOC 2 or ISO 27001; it only states support for OWASP/CWE mapping. While AI filtering, rule coverage, and multi-language depth are described, there is a lack of public test data or customer case studies to substantiate these claims. For multinational enterprises, implementation delivery, upgrade and maintenance processes, and local support responsiveness should also be verified.

Who It’s For and Access From China

Remedify is suitable for financial institutions, government and enterprise organizations, software companies, and other teams that are sensitive about sending source code externally and need localized SAST and DevSecOps automation. Its accessibility from China is unknown, and payment methods are not disclosed. Before procurement, buyers should confirm network reachability, contract and payment arrangements, and Chinese/English support capabilities. If a more mature ecosystem or a China-local alternative is required, options such as SonarQube, Checkmarx, Fortify, Snyk Code, Semgrep, GitLab SAST, as well as domestic code security scanning products, may be worth evaluating.