devtune
Sign Up
Codacy logo

AI visibility report for Codacy

Vertical: AI Code Review & Code Quality

AI search visibility benchmark across 5 platforms in AI Code Review & Code Quality.

Track this brand
25 prompts
5 platforms
Updated May 17, 2026
8percent

Presence Rate

Low presence

Top-3 citations across 125 prompt × platform pairs

+0.35

Sentiment

-1.00.0+1.0
Positive
#8of 11

Peer Ranking

#1#11
Below averagein AI Code Review & Code Quality

Key Metrics

Presence Rate8.0%
Share of Voice7.5%
Avg Position#42.8
Docs Presence2.4%
Blog Presence6.4%
Brand Mentions7.2%

Platform Breakdown

Grok
32%8/25 prompts
Google AI Mode
4%1/25 prompts
Perplexity
4%1/25 prompts
ChatGPT
0%0/25 prompts
Gemini Search
0%0/25 prompts

Overview

Codacy is a cloud-native code quality and application security platform founded in 2012 and headquartered in Lisbon, Portugal. It helps engineering teams automatically detect and fix quality issues, security vulnerabilities, and policy violations across the full software development lifecycle—from IDE to production. The platform covers static analysis (SAST), software composition analysis (SCA), secrets detection, infrastructure-as-code scanning, DAST, and test coverage tracking, all without requiring CI/CD pipeline integration. As of 2025–2026, Codacy has expanded into AI-assisted engineering governance with AI Guardrails, an AI Reviewer, an AI Inventory, and an AI Risk Hub. It is trusted by over 15,000 organizations and more than 200,000 developers worldwide, and has raised approximately $29.9M in total venture funding.

Codacy is a DevSecOps platform that unifies code quality scanning, application security testing, and AI coding governance into a single cloud-based solution. It analyzes code across 49 languages via SAST, SCA, secrets detection, IaC scanning, DAST, and test coverage measurement, delivering results on every commit and Pull Request via webhook—no CI/CD pipeline steps required. Its AI Reviewer layer adds context-aware PR feedback and one-click fix suggestions, while AI Guardrails enforce organizational coding and security policies in real time inside IDEs and AI coding agents (Copilot, Cursor, Claude). The platform provides a centralized AI Inventory and Risk Hub for organizations managing AI-generated code at scale.

Key Facts

Founded
2012
HQ
Lisbon, Portugal
Founders
Jaime Jorge, João Caxaria
Employees
50-100
Funding
~$29.9M
Customers
15,000+ organizations
Status
Private

Target users

Engineering leaders and VPs of Engineering seeking organization-wide code quality and security governanceDevSecOps and platform engineering teams consolidating AppSec toolingSoftware development teams using AI coding assistants (Copilot, Cursor, Claude) needing guardrailsMid-market and enterprise engineering organizations with multi-repo, multi-language codebasesCompliance-focused teams requiring audit-ready reports for SOC 2, ISO 27001, or PCI DSSOpen-source project maintainers (free tier for public repositories)
codacy.com

Key Capabilities10

  • Automated static code analysis (SAST) across 49 programming languages and frameworks
  • Software Composition Analysis (SCA) with daily CVE and malicious package re-scans
  • Hardcoded secrets and password detection
  • Infrastructure-as-Code (IaC) misconfiguration scanning
  • Dynamic Application Security Testing (DAST) and container image scanning (Business tier)
  • AI-powered Pull Request reviewer with one-click fix suggestions and false positive triage
  • AI Guardrails: real-time enforcement of coding/security policies during AI-assisted code generation in IDE and agentic workflows
  • Test coverage tracking and merge gates with configurable thresholds
  • Centralized AI Inventory and AI Risk Hub for governing AI model and tool usage
  • Organization-wide security and risk dashboard with SBOM export and SLA tracking

Key Use Cases8

  • Automated code quality and security gate enforcement on every Pull Request
  • Governing and auditing AI-generated code from Copilot, Cursor, Claude, and other coding agents
  • Standardizing coding and security policies across large, multi-repo engineering organizations
  • Continuous compliance evidence generation for SOC 2, ISO 27001, and PCI DSS
  • Scaling unit test coverage measurement and enforcement across engineering teams
  • Replacing fragmented tool stacks (SAST + SCA + secrets + coverage) with a single platform
  • Developer experience improvement by shifting security and quality feedback into the IDE
  • Technical debt visibility and remediation tracking at portfolio scale

Codacy customer outcomes

LSports

10x unit test coverage increase (7% to 70%); zero new critical security issues in 2 years

LSports standardized 800 core repositories under unified quality gates and achieved a 10x increase in unit test coverage (from under 7% to 70%) over approximately two years of structured Codacy implementation, while blocking all new critical security issues at the PR merge gate.

O.C. Tanner

Up to 60% reduction in development costs

O.C. Tanner reduced the time to identify coding issues to less than 10% of the time previously required, resulting in up to 60% savings in development costs after consolidating their code quality toolset with Codacy.

Recent Trend

Visibility-6.4 pts
Avg position+12.84
Sentiment+0.11

How AI describes Codacy3

Codacy AI Reviewer : A solid choice if you also want quality gates and metrics embedded at the PR level, not just review comments.

What AI code review tools have the smoothest version control platform integration so reviews appear inline on diffs automatically on every PR?

perplexityDirect Codacy mention
...pt services, the most consistently reliable options are SonarQube and Semgrep for predictable, low-noise quality checks, while Codacy and CodeRabbit are stronger if you want AI-style pull request feedback layered on top of broader checks.

Which AI code review tools maintain consistent review quality across a polyglot repository with Go, Python, and TypeScript services?

perplexityDirect Codacy mention
Codacy (with AI Features) ----------------------------- Best for: Combining static analysis (SAST) with generative AI Codacy takes a hybrid approach.

Which AI code review tools maintain consistent review quality across a polyglot repository with Go, Python, and TypeScript services?

google-aiDirect Codacy mention

Most cited sources8

Alternatives in AI Code Review & Code Quality6

Codacy positions itself as an all-in-one, pipeline-less DevSecOps platform that unifies code quality, static security (SAST), software composition analysis (SCA), secrets scanning, IaC, DAST, and AI coding governance in a single cloud-native solution.

  • Its differentiating angle against SonarQube/SonarSource is simpler setup with no CI/CD pipeline steps and predictable per-developer pricing (not per-line-of-code).
  • Against pure AI reviewers like CodeRabbit, Codacy emphasizes its broader deterministic scanning suite and AI Guardrails governance layer.
  • The platform increasingly targets agentic/AI-assisted development teams, billing itself as the guardrail layer for Copilot, Cursor, and other LLM-driven coding agents.
View category comparison hub

Reviews

4.6/5G2·28+

Praised

  • Easy integration with GitHub, GitLab, and Bitbucket
  • Automated PR code reviews with minimal configuration
  • Broad multi-language support (49 languages)
  • Quality gates and merge enforcement
  • Fast setup — full scan within minutes
  • Responsive and helpful customer support team
  • Actionable, line-level issue feedback
  • Saves significant time on manual code reviews

Criticized

  • Pricing is high for small teams or individual developers
  • Email support response times can exceed 24 hours
  • No support for Azure Repos or self-hosted Git deployments
  • Signal-to-noise ratio requires manual tuning for some stacks
  • Repository disconnects when inactive (reported by some users)
  • On-prem version had stability issues and cost 2.5x more than cloud

Codacy holds a 4.6/5 rating on G2 based on 28 verified reviews, with 80% of reviewers awarding five stars as of Fall 2023. Users consistently praise its ease of integration with GitHub, GitLab, and Bitbucket, the quality gate and automated PR review functionality, and its breadth of language support. G2 scores highlight ease of use (9.2/10), quality of support (9.2/10), and automated scans (9.1/10) as standout attributes. Common criticisms include pricing being steep for smaller organizations, slow email support response times for enterprise tiers, and the need to tune scan rules to reduce noise. Codacy has been recognized as a G2 Leader in multiple consecutive report cycles including Spring 2025.

Pricing

Codacy offers three tiers. Developer (free forever) covers individual developers with IDE guardrails, SAST, secrets, and SCA for public repositories across TypeScript, JavaScript, Python, and Java. Team starts at $18/dev/month (billed annually) or $21/dev/month (monthly) for up to 30 developers and 100 private repositories, including AI-powered PR feedback, quality and security gates, Jira/Slack integrations, and 49-language support. Business is custom-priced and adds unlimited repositories, DAST, container scanning, AI Inventory, SBOM export, SLA tracking, audit logs, and a dedicated Customer Success Manager. All plans include a 14-day free trial with no credit card required. Codacy is also purchasable through the AWS Marketplace.

Limitations

  • Codacy does not support self-hosted or on-premise Git providers; Azure DevOps/Repos, GitHub Enterprise Server, and self-managed GitLab are unsupported as of the research date.
  • The platform is cloud-only for code scanning (no on-prem Codacy server).
  • Reviewers on Capterra and G2 cite that pricing can be prohibitive for smaller organizations (~$19/dev/month on Team tier).
  • Email-based enterprise support has been criticized for slow response times.
  • Some users report a need to tune the signal-to-noise ratio of findings for their specific stack.
  • Jupyter Notebook code must be extracted to Python for analysis.
  • Real-time IDE scanning (outside the PR flow) was listed as not yet fully supported at the time of research.

Frequently asked questions

Topic Coverage

Capability4/5DevEx1/5Integrations &Ecosystem1/5Performance &Reliability1/5Setup & First Run2/5

Prompt-Level Results

Brand citedCompetitor citedNot cited
PromptChatGPTGoogle AI ModeGrokGemini SearchPerplexity
Capability4/5 cited (80%)

What AI code review tools can analyze infrastructure-as-code files alongside application code for a full-stack security posture review?

Which AI code review tools can detect security vulnerabilities and insecure coding patterns across multiple languages in the same repository?

I need a code quality tool that enforces quality gates in CI and blocks merges when coverage drops or critical issues are introduced — which platforms do this well?

Which AI PR review tools can summarize large diffs and give an overall assessment of a pull request rather than only commenting line by line?

What code quality platforms track technical debt trends over time and show whether the team is paying it down or accumulating more?

Developer Experience1/5 cited (20%)

What AI code review platforms are popular with engineering leads who want to spend less time on repetitive PR feedback and more on architectural comments?

Looking for an AI PR review tool that learns from the codebase and past review decisions so feedback improves over time — what are my options?

Which code quality tools let teams define custom rules and guardrails specific to their architecture so the tool enforces their own conventions?

Which AI code review tools give feedback that engineers actually find useful — not just style nitpicks but real logic and security issues?

What code quality platforms have the lowest false positive rate so developers don't spend time dismissing irrelevant warnings?

Integrations & Ecosystem1/5 cited (20%)

What code review tools work across both cloud-hosted and on-premises version control systems for teams with a hybrid repository strategy?

Looking for a code quality tool that feeds results into a security dashboard for CISO-level reporting — which platforms have strong SIEM and security integrations?

Which code quality platforms integrate with issue trackers to automatically create tickets for critical issues found during code review?

Which AI PR review platforms support self-hosted deployments that keep code on-premises and don't send source code to third-party models?

What AI code review tools integrate with IDE plugins so developers get the same automated feedback locally before pushing a pull request?

Performance & Reliability1/5 cited (20%)

What code analysis platforms have reliable CI integrations that don't cause flaky build failures due to rate limiting or API timeouts?

Which AI code review tools complete their analysis fast enough to not delay a PR workflow — which ones consistently finish within 2 minutes?

Which AI code review tools maintain consistent review quality across a polyglot repository with Go, Python, and TypeScript services?

What code quality platforms scale to thousands of PRs per day without degrading analysis quality or response time?

Which AI review tools handle very large pull requests with 500+ changed files without timing out or producing incomplete feedback?

Setup & First Run2/5 cited (40%)

Which code quality platforms can analyze a 500k-line legacy codebase and give a prioritized technical debt report without manual configuration?

I'm evaluating AI pull request review tools for a Python and TypeScript codebase — which ones require the least configuration to get useful feedback from day one?

What AI code review tools have the smoothest version control platform integration so reviews appear inline on diffs automatically on every PR?

Which AI code review tools can be added to a pull request workflow in under 30 minutes with no changes to existing CI pipelines?

What are the best automated code quality tools for a team of 15 engineers that wants to enforce standards without a dedicated security engineer?

Strengths1

  • Which code quality platforms can analyze a 500k-line legacy codebase and give a prioritized technical debt report without manual configuration?

    Avg # 2.0 · 1 platform

Gaps5

  • What AI code review tools integrate with IDE plugins so developers get the same automated feedback locally before pushing a pull request?

    Competitors on 4 platforms

  • Which code quality tools let teams define custom rules and guardrails specific to their architecture so the tool enforces their own conventions?

    Competitors on 3 platforms

  • Which AI code review tools give feedback that engineers actually find useful — not just style nitpicks but real logic and security issues?

    Competitors on 3 platforms

  • Which AI code review tools complete their analysis fast enough to not delay a PR workflow — which ones consistently finish within 2 minutes?

    Competitors on 2 platforms

  • I need a code quality tool that enforces quality gates in CI and blocks merges when coverage drops or critical issues are introduced — which platforms do this well?

    Competitors on 2 platforms

Vertical Ranking

#BrandPres.SoVDocsBlogMent.PosSentiment
1SonarSource20.0%21.2%5.6%8.8%17.6%#29.9+0.36
2DeepSource19.2%11.2%3.2%1.6%18.4%#29.4+0.39
3Greptile18.4%10.0%0.0%2.4%16.8%#19.2+0.37
4CodeRabbit17.6%18.0%9.6%7.2%15.2%#37.6+0.33
5Qodo16.0%12.2%4.0%12.0%10.4%#29.0+0.15
6Graphite (Screenplay Studios Inc.)10.4%3.9%0.0%9.6%8.0%#22.8+0.32
7Snyk9.6%8.8%3.2%5.6%9.6%#38.7+0.18
8Codacy8.0%7.5%2.4%6.4%7.2%#42.8+0.35
9Code Climate4.0%1.9%0.8%2.4%3.2%#40.3+0.10
10Semgrep, Inc.4.0%5.4%3.2%2.4%4.0%#43.5+0.46
11Sourcegraph Inc.0.0%0.0%0.0%0.0%0.0%

Turn this into your team dashboard

Sign up to unlock project-level analytics, daily tracking, actionable insights, custom prompt configurations, adoption tracking, AI traffic analytics and more.

Get started free