Code analysis for Salesforce, reinvented from the ground-up.

We completely reimagined what a scanner should be, in the era of cloud business apps and  DevSecOps.

Start Free
SAST & Autofix

Industry-leading code scans. Groundbreaking autofixes.

Detect coding errors twice as accurately and take action to resolve faster than any other Salesforce code scanner.

Development Monitoring

Code + declarative

Scan every development, including Apex, LWC, Visualforce, Aura, Flows and low-code.


Scan 200+ type of metadata, and spare your team from manually reviewing big XML files.


Test how values propagate in your program, and automatically triage security hotspots.

Type inference

Understand inheritance, and what type expressions resolve to, for unparalleled scanning precision.

Call graph

Traverse function calls across methods, classes and model-view-controller components.


Detect vulnerable third-party dependencies embedded via CDN or static resources.

Custom rules

Automate any repetitive check on code and metadata with YAML.


Enhance your code automatically, with the power of generative AI.

Tech specs


AnalysisSyntax, control flow, data flow, taint, software composition, call graph, vulnerable dependenciesSupport languagesApex, Aura, LWC, VisualforceSupported metadata types208FormatesSource format, Classic metadataFPR0.12%

Support languages

Apex, Aura, LWC, Visualforce

Supported metadata types



Source format, Classic metadata




The most comprehensive library, curated by Salesforce experts.

Take advantage of a comprehensive catalogue of best practices, curated for you by our team of  experts, and updated with every Salesforce release.

Issue Management

OWASP Top 10

Find vulnerabilities, insecure code and misconfigurations.

Release readiness

Assess the impact of every new Salesforce release and  upgrade faster.


Ensure full alignment with the latest architectural guidance.

Clean code

Keep your code clean, readable and easy to maintain.

Unit tests

Ensure coverage, stop fake tests, and keep your apps robust and resilient.

Performance optimizations

Find issues with governor limits, large data volumes, and other scalability  bottlenecks.

Integrated code reviews

A new era of developer productivity.

Test your code at the source whenever it changes. Find issues early, fix them fast.

Issue Management

Git integration

Review your commits and pull requests with detailed inline feedback and suggestions.


Correct multiple issues with one click, saving valuable developer time.

Generative AI

Enhance your code automatically, with the power of generative AI.

False positive management

Dismiss irrelevant issues and keep your reports clean, in an auditable way.

Protection modes

Build your code review workflow with ease, without complex orchestration scripts.

Open data

Share issues and vulnerabilities with GitHub Alerts, Jira, ArmorCode, and more.


Measure your engineering performance, and embrace excellence.

Stay on top of your application's security, technical debt, and team performance with insights designed for technology leaders.

Issue Management


Track how your application quality and security improve over time.


See how individuals contribute, spot your best performers and identify training gaps.


Measure ROI and Clayton’s business impact with clarity and ease.

Clayton Logo

Clayton stops 1679 vulnerabilities and bugs, every day.

Join 500+ Salesforce teams and unlock your best engineering.
Start Free
Up and running in clicks. No credit card required.