Our Product
Paxley

End-to-End Code Security. Built for Modern Engineering Teams.
Secure every commit, pull request, and release across your entire software supply chain.

Pillar 3 · NS-CTAF

Paxley for Code Trust

GitHub-native scanning across every commit, pull request and release. Continuous NS-CTAF control enforcement, SBOM management, dependency governance and CTA-1 to CTA-4 certification scoring.

Pillar 2A · NS-AIGF

Paxley for AI Governance

Continuous NS-AIGF control monitoring for AI systems in production. Audit trails, governance dashboards, EU AI Act compliance tracking and board-level AI trust reporting.

Platform: Paxley · A Modern & Unified Code Security Platform
Engines: 12 Scanning Engines · Opengrep · CodeQL · OSV-Scanner · Gitleaks · Trivy
Capabilities: 8 Capability Areas · Code · Supply Chain · Secrets · IaC · Containers · SBOM
Pricing: Per-Repository · Not Per-Seat · 79% Savings vs Per-Seat Tools
GitHub: GitHub-Native App · No Agent · No Pipeline Maintenance · <5 Min Scan
Privacy: Source Code Stays in Your Infrastructure · Customer-Controlled Runners
Frameworks: NS-CTAF v1.0 · NS-AIGF v1.0 · CTA-1 → CTA-4 Certification

12 Scanning Engines
8 Capability Areas
<5 min Typical Scan
79% vs Per-Seat Pricing
1 Unified Platform
What is Paxley

Our mission is to give modern engineering teams a unified Code Security Platform

Paxley secures every commit, pull request, and release — without source-code custody concerns and without per-seat pricing.

Paxley scans repositories for code, dependencies, secrets, infrastructure, containers, and licenses, and consolidates all findings into a single dashboard. Code quality and health are included alongside the seven security capabilities.

Installs as a GitHub App. Runs scans in under 5 minutes. Posts results back as PR comments. Source code can remain within your own infrastructure via customer-controlled GitHub runners.

Why Paxley
Per-repository pricing — not per-seat
A 50-dev / 10-repo team pays $990/mo — not $4,750/mo. 79% saving.
No source-code upload
Scans run on your runners. Code stays in your infrastructure.
Diff-aware PR feedback
Focus on what changed — not years of legacy findings.
12 engines, 1 normalised model
Opengrep, CodeQL, OSV-Scanner, KICS, Gitleaks, PHPStan, Psalm, PHPMD, govulncheck, Trivy (image), Trivy License, and Trivy Config — all normalised.
AI remediation guidance
Actionable fix guidance with auto-remediation — not just raw scanner output.
Eight Capability Areas · One Unified Platform

Complete code security coverage

Every security dimension in a single scan — no stitching together multiple tools.

01
Code Security
SAST via Opengrep + CodeQL, 8+ languages, dataflow tracking
02
Supply Chain
SCA via OSV-Scanner + govulncheck, reachability filter
03
Secrets
Gitleaks across source and full git history
04
Infrastructure
IaC scanning — Terraform, K8s, Helm, CDK — via KICS + Trivy
05
Containers
Image vulnerability scanning via Trivy
06
License Compliance
GPL / LGPL / AGPL / MIT policy enforcement
07
SBOM & Governance
CycloneDX + SPDX export, VEX support, audit-grade
08
Code Quality & Health
Maintainability, complexity, code-health rollups

What makes Paxley different

Built on Nucleus Systems proprietary frameworks, not generic rulesets.

NS-CTAF & NS-AIGF enforced

Every scan maps directly to Nucleus Systems proprietary control frameworks — not commodity SAST rules or generic policy sets.

GitHub-native, zero friction

Installs as a GitHub App in minutes. Scans every PR and commit in context. No agent, no pipeline change, no maintenance overhead.

Repo-based pricing

Priced per repository, not per developer. 50 devs and 10 repos costs $990/mo — not $4,750/mo. 79% saving versus per-seat tools.

Continuous trust scoring

Live Code Trust Score across all repositories. Track maturity improvement over time. Board-ready and auditor-ready output.

SBOM & supply chain governance

Automatic SBOM generation in CycloneDX and SPDX formats, dependency health scoring, licence compliance and open-source risk tracking.

Source code stays with you

Scans run on your own GitHub runners. No source-code upload. No custody transfer. Designed for enterprises with strict data residency requirements.

How we compare

We respect the incumbents. Honest fit guidance.

Category: How Paxley compares
SCA-first tools: Direct competitor — Paxley wins on per-repo pricing and source-code privacy
Code quality platforms: Competes directly — Paxley adds security depth and unified coverage
Native SCM security: Competes on price; shares some engine overlap — Paxley adds significantly more scanning engines
SAST-focused tools: Broader scope; overlaps on static analysis — Paxley unifies across all 8 capability areas
Enterprise SAST platforms: Below their enterprise tier — Paxley is the mid-market alternative
Legacy SAST vendors: Complementary — Paxley is faster to deploy and more cost-efficient for modern teams
Code health tools: Differentiated focus — Paxley adds supply chain, secrets, IaC, and container coverage
Example savings
50 devs / 10 repos = $990/mo vs $4,750/mo on per-seat tools — 79% saving.

Pricing & plans

Per repository, not per developer. Security costs scale with your codebase.

Community: Free / always. Open-source projects and solo developers.
Starter: $99 / repo / mo. Funded startups and small engineering teams.
Enterprise: Contact us. Self-hosted needs, custom runners, advanced compliance.

Nucleus Systems frameworks enforced

Paxley operationalises Nucleus Systems proprietary frameworks at the point of development — every commit, every PR, every release.

NS-CTAF: Code Trust Assurance Framework
NS-AIGF: AI Governance Framework

Ready to see Paxley in action?

Book a 30-minute demo with a Nucleus Systems practitioner — or go straight to Paxley and start a free trial today.