KOREXT - AI Code Governance

Enforce compliance policies on every line of code your team writes or AI generates.

72 policy packs. 532 detection rules. 17 industries. 13 languages. Cryptographically signed proof bundles.

What It Does

KOREXT scans your code against policy packs spanning regulatory compliance, technical standards, and security intelligence. When a violation is found, you see it inline with a clear explanation and governance context (regulatory reference, security classification, risk category).

Every scan produces a signed proof bundle that your compliance team can verify independently.

Features

Real Time Enforcement Violations appear as you type. No manual scan needed. Every save triggers enforcement against your active policy packs.

72 Policy Packs Across 18 Industries Finance (PCI-DSS, SOX, DORA). Healthcare (HIPAA). Government (FedRAMP). Privacy (GDPR, CCPA). Security (OWASP, CWE). AI governance (EU AI Act). And more. Select by industry or pick individual packs.

Deep Code Analysis Structure aware detection across 13 languages: JavaScript, TypeScript, TSX, Python, Java, C++, Go, Ruby, Rust, C#, Kotlin, PHP, Swift. Not pattern matching. Real code understanding with confidence scoring.

Signed Proof Bundles Every enforcement scan generates a cryptographically signed proof bundle. Export as PDF. Share with auditors. Verify independently via the public verification URL. Your compliance evidence, not a screenshot.

Data Sovereignty Choose where your data is processed and stored: US, EU, or Asia Pacific. Every proof bundle attests to the exact processing and storage regions. Configure per project via korext.json or per user via extension settings.

Customer Managed Signing Keys Organization administrators generate their own signing key. KOREXT signs proof bundles with your key. You verify independently. KOREXT cannot forge your compliance artifacts.

Organization Policy Administrators mandate policy packs across the entire team. Mandated packs cannot be removed by individual developers. Enforced consistently across every surface.

Multi Pack Enforcement Enforce multiple policy packs simultaneously. Rules are deduplicated across packs. Governance context attributes each violation to its originating pack.

Quick Start

1. Install the extension from the VS Code Marketplace
2. Open the command palette: Ctrl+Shift+P (or Cmd+Shift+P on Mac)
3. Run KOREXT: Select Policy Packs
4. Choose your industry or pick individual packs
5. Open any code file. Violations appear inline.

Configuration

korext.json (per project)

Create a korext.json file in your project root:

{
  "project": "my-app",
  "targetPacks": ["web", "pci-dss-v1"],
  "region": "eu"
}

Extension Settings

Commands

Proof Bundles

Every enforcement scan produces a proof bundle containing:

• Decision (PASS or BLOCK)
• Violations with governance context
• Policy packs enforced
• Regional processing attestation
• Cryptographic signature

Export as PDF for your compliance records. Share the verification URL with auditors. They can verify the bundle is authentic without contacting you.

Data Sovereignty

KOREXT offers three data regions: US, EU, and Asia Pacific. Set your region in korext.json or extension settings. All code processing, proof bundle storage, and audit logs stay in your chosen region.

Requirements

• VS Code 1.85 or later
• Internet connection (for server mode enforcement)
• Free account at app.korext.com (optional, enables signed bundles and custom packs)

Links

• Website
• Dashboard
• Documentation
• FAQ
• Privacy Policy

License

Proprietary. See Terms of Service.