AISLE for Open Source

We help keep the world’s most critical open source secure, finding the vulnerabilities that matter in the code millions of people depend on, before attackers do.

Proven on the world's most heavily audited codebases

OpenSSL logocURL logoLinux logoChromium logoApache logoMozilla logoRedis logoOpenEMR logoSQLite logoElastic logoMattermost logo

We help secure the code the world depends on

OpenSSL

20 of 23 CVEs across three releases

We work alongside the OpenSSL maintainers as a listed in-kind supporter, and our analyzer reviews pull requests as they open. Some of what it has surfaced had been hiding in the code since 1998.

Read the OpenSSL story
This release is fixing 12 security issues, all disclosed to us by AISLE. We appreciate the high quality of the reports and their constructive collaboration with us throughout the remediation.
Tomáš Mráz CTO, OpenSSL

curl

11 CVEs and counting

curl runs on more than 30 billion devices, even on Mars inside NASA’s Ingenuity helicopter. After AI “slop” forced curl to close its bug bounty, creator Daniel Stenberg adopted AISLE and now tags it in his own pull requests.

Read the curl story
A powerful analyzer that highlights code areas that need more attention in ways the old generation of code tools have not been able to. A much appreciated evolutionary step.
Daniel Stenberg creator and lead developer of curl

FreeBSD

21-year-old RCE

FreeBSD underpins everything from the PlayStation to critical infrastructure. AISLE discovered and disclosed a remote command execution flaw in dhclient that had survived in the code since 2005, trivially weaponizable on a local network.

Read the FreeBSD story

OpenEMR

38 CVEs · 2 at CVSS 10.0

OpenEMR keeps records for more than 100,000 healthcare providers serving 200 million patients. They built AISLE’s analyzer into their own code review.

Read the OpenEMR story
Their autonomous analyzer uncovered dozens of vulnerabilities in our codebase. Now, with AISLE’s analyzer running at the code review stage, we’re catching and fixing vulnerabilities before they ever reach production.
Brady Miller Executive Director, OpenEMR Foundation

Maintain a critical project? See if you’re eligible for the AISLE analyzer.

You might be eligible to use the AISLE analyzer at no cost if your project meets these criteria:

01

runs critical infrastructure

02

ships inside products people use every day

03

is a building block other software depends on

In Production

Running on projects trusted by millions

Open-Source Research

AISLE Nano-Analyzer: see what one open-source file can find

A single ~1,700-line Python file, running small and open-weight models, independently re-discovered the flagship FreeBSD zero-day from Anthropic’s Mythos showcase — at a fraction of the cost. We open-sourced it for the community: tuned for C and C++ memory safety, and small enough to run on a laptop, on the models you choose.