How to Secure Sourcegraph Cody
Step-by-step guide to using Sourcegraph Cody securely with self-hosted and enterprise options.
Sourcegraph Cody Security Context
Cody is codebase-aware AI that can be self-hosted for maximum security. Enterprise features include advanced access controls and audit logging.
Security Checklist
Review AI-generated code
Critical: Always review Cody's suggestions for security vulnerabilities.
Configure self-hosted options
Critical: Consider self-hosting Sourcegraph for maximum data control.
Audit codebase access
Critical: Review what repositories Cody has access to.
Protect secrets
Critical: Ensure sensitive files are excluded from Cody's analysis.
Review enterprise security features
Critical: Leverage Sourcegraph's enterprise security features if available.
Configure access controls
Set appropriate access controls for team members.
Enable audit logging
Track Cody usage for security monitoring.
Review suggested dependencies
Audit packages suggested for vulnerabilities.
Validate code patterns
Ensure generated code follows security best practices.
Configure integration settings
Review IDE integration security settings.
Test authentication flows
Verify any generated auth code works securely.
Review API usage
Check API integrations for proper security.
Enable two-factor authentication
Require 2FA for Sourcegraph access.
Review network security
Ensure secure connections to Sourcegraph.
Configure data retention
Set appropriate data retention policies.
Run security scan
Use VibeEval to scan deployed applications.