# Welcome to Heeler

{% hint style="info" %}
**Jump to what you need**

* [Supported Technologies](/readme/supported-technologies.md) — Which technologies and ecosystems Heeler supports
* [Getting Started](/getting-started.md) — Connect your environment in minutes
* [Product Walk-Through](/product-walk-through.md) — A guided tour of Heeler's Agentic Development Security platform
* [Use Cases](/use-cases.md) — How teams use Heeler to solve specific security challenges
{% endhint %}

## The Problem Heeler Solves

AppSec teams now face two compounding challenges that traditional tools weren't designed for.

**Agents write more code, faster, with less scrutiny.** Coding agents — Codex, Cursor, Claude Code, Copilot, and custom models — generate code faster than humans can review it. Each agent has different defaults and different security behaviors. There is no consistent posture across them, and the volume of code they produce creates more exploitable paths than any human review process can handle.

**AI attackers exploit that code at machine speed.** Supply chain vulnerabilities, insecure code patterns, and exposed secrets that once required days or weeks to weaponize can now be discovered and exploited in minutes. AI attackers chain low-severity findings into novel exploits, making prioritization-based security strategies inadequate.

Heeler addresses both by gathering context automatically and using it to prevent, fix, and audit risk continuously to secure the AI SDLC.

## Prevent → Fix → Audit

**Prevent** — Heeler embeds directly into coding agents through MCP and agent skills to enforce policies and steer secure code generation before insecure code exists. This prevents compromised dependencies, unsafe upgrades, and non-compliant code from ever reaching developers or CI.

**Fix** — Heeler burns down the backlog and responds the moment new CVE research is published. It deterministically selects the safest, highest-impact upgrade path, validates the fix, resolves CI failures, and produces a verified PR ready to merge.

**Audit** — Heeler continuously verifies security pre-commit, at pull request, and post-merge. When new exposure is identified, Heeler automatically validates fixes, generates remediations, opens verified PRs, and orchestrates response workflows.

## One Platform. Three Security Domains.

Heeler covers **Open Source (SCA)**, **Code (SAST)**, and **Secrets** security — unified in a single platform with shared context across all three.

## Heeler Is a Context Engine

Heeler connects your repos, registries, and cloud — then automatically builds the context that makes every fix deterministic, every guardrail precise, every workflow automatic. No sensors. No tagging. No build modification.

The context Heeler gathers spans six dimensions:

* **Agent** — Skills, MCP configs, and policies used by your coding agents
* **Code** — Repos, modules, dependencies, reachability, patterns, and commit history
* **Cloud** — Live services, exposure, configuration, deployment state, and threat modeling
* **Business** — Service criticality, compliance scope, and risk tolerance
* **Ownership** — Team mapping down to the dependency level
* **Threat** — Vulnerability research, CVE feeds, and exploit availability

***

{% hint style="info" %}
At Heeler, we believe a great customer experience means being your partner in building a resilient AppSec program — not just a vendor delivering a tool. Whether you have a question, need a second opinion, or want to talk through a challenge, we're just a message away.

Reach out anytime via your dedicated Slack or Teams channel, or email us at <support@heeler.com>. We're here to help you succeed.
{% endhint %}
