Analysis Types

Clipron AI offers three distinct analysis levels, each powered by different AI models and optimized for specific use cases. This guide helps you choose the right analysis type for your needs.

Overview of Analysis Types

Ron AI 2 Mini

Quick Scan

Google Gemini Flash
30-60 seconds
2-5 credits
CI/CD integration

Ron AI 2 Standard

Comprehensive Audit

DeepSeek Coder V2
1-3 minutes
5-15 credits
Regular security audits

Ron AI 2 Ultra

Deep Analysis

Claude 3.5 Sonnet
3-10 minutes
15-50 credits
Pre-production audits

Ron AI 2 Mini (Quick Scan)

When to Use

CI/CD Integration

Perfect for automated pipelines

Fast feedback in development workflow
Catch obvious security issues early
Low cost for frequent scanning
Minimal impact on build times

Initial Code Review

First pass security check

Quick overview of security posture
Identify major vulnerabilities
Triage code before deeper analysis
Educational tool for learning

Budget-Conscious Scanning

Cost-effective security

Limited credit budget
High-frequency scanning needs
Basic security compliance
Proof of concept projects

What It Detects

Common Vulnerabilities
Code Quality Issues
Compliance Basics

SQL Injection: Basic injection patterns
XSS: Cross-site scripting vulnerabilities
CSRF: Cross-site request forgery
Authentication Issues: Basic auth problems
Input Validation: Missing validation checks

Example Use Cases

# CI/CD Pipeline Integration
- name: Quick Security Scan
  run: |
    curl -X POST "https://clipron.com/api/analysis" \
      -H "Authorization: Bearer $CLIPRON_API_KEY" \
      -d '{
        "source_type": "github",
        "content": "${{ github.repository }}",
        "analysis_type": "mini",
        "options": {
          "fail_on_critical": true
        }
      }'

# Daily Development Workflow
# Quick check before committing changes
clipron-cli scan --type=mini --path=./src --fail-on=high

Ron AI 2 Standard (Comprehensive Audit)

When to Use

Regular Security Audits

Balanced depth and speed

Weekly or monthly security reviews
Comprehensive vulnerability detection
Business logic analysis
Reasonable cost and time investment

Development Workflow Integration

Enhanced development security

Pre-merge request analysis
Feature branch security validation
Code review assistance
Security-focused development

Production Preparation

Pre-deployment security

Staging environment validation
Release candidate analysis
Security regression testing
Compliance verification

Advanced Detection Capabilities

Complex Vulnerabilities
Framework-Specific Issues
Advanced Code Analysis

Business Logic Flaws: Multi-step attack vectors
Race Conditions: Concurrency vulnerabilities
Privilege Escalation: Authorization bypasses
Data Flow Analysis: Taint tracking
Cryptographic Issues: Weak crypto implementations

Example Configuration

{
  "source_type": "github",
  "content": "https://github.com/company/web-app",
  "analysis_type": "standard",
  "options": {
    "focus_areas": [
      "authentication",
      "authorization", 
      "data_validation",
      "cryptography"
    ],
    "compliance_standards": [
      "owasp_top_10",
      "sans_top_25"
    ],
    "include_dependencies": true,
    "exclude_patterns": [
      "node_modules/",
      "*.test.js",
      "docs/"
    ]
  }
}

Ron AI 2 Ultra (Deep Analysis)

When to Use

Critical System Analysis

Maximum security depth

Financial systems
Healthcare applications
Government systems
High-value targets

Pre-Production Audits

Final security validation

Production deployment preparation
Security certification requirements
Compliance audit preparation
Risk assessment for critical releases

Security Research

Advanced threat analysis

Novel attack vector discovery
Security research projects
Penetration testing preparation
Advanced threat modeling

Cutting-Edge Analysis

Advanced Threat Modeling
Deep Code Understanding
Comprehensive Compliance

Attack Chain Analysis: Multi-step attack scenarios
Threat Actor Simulation: APT-style attack patterns
Zero-Day Discovery: Novel vulnerability patterns
Advanced Persistent Threats: Long-term compromise vectors

Advanced Configuration

{
  "source_type": "github",
  "content": "https://github.com/company/critical-system",
  "analysis_type": "ultra",
  "options": {
    "threat_modeling": {
      "attack_scenarios": ["insider_threat", "apt", "supply_chain"],
      "threat_actors": ["nation_state", "organized_crime", "insider"],
      "attack_surfaces": ["web", "api", "mobile", "infrastructure"]
    },
    "compliance_frameworks": [
      "pci_dss",
      "hipaa",
      "sox",
      "nist_cybersecurity_framework"
    ],
    "analysis_depth": {
      "code_coverage": "maximum",
      "dependency_depth": 5,
      "data_flow_analysis": "comprehensive",
      "control_flow_analysis": "exhaustive"
    },
    "custom_rules": [
      "company_security_policy",
      "industry_best_practices"
    ]
  }
}

Choosing the Right Analysis Type

Decision Matrix

By Use Case

Use Case	Recommended Type	Reasoning
Daily development	Mini	Fast feedback, low cost
Code review	Standard	Balanced depth and speed
Pre-production	Ultra	Maximum security assurance
CI/CD pipeline	Mini	Speed and automation friendly
Security audit	Standard/Ultra	Depends on criticality
Compliance check	Ultra	Comprehensive coverage
Learning/training	Mini	Cost-effective exploration

By System Criticality

System Type	Recommended Type	Frequency
Internal tools	Mini	Weekly
Customer-facing	Standard	Bi-weekly
Financial systems	Ultra	Monthly
Healthcare apps	Ultra	Before each release
E-commerce	Standard	Weekly
Open source	Mini/Standard	Per release

By Team Size & Budget

Team Size	Budget	Recommended Strategy
1-5 developers	Limited	Mini for daily, Standard monthly
6-20 developers	Moderate	Standard for features, Ultra quarterly
20+ developers	Enterprise	All types based on component criticality

Cost Optimization Strategies

Layered Approach

Use multiple analysis types strategically

Mini for frequent scanning
Standard for important features
Ultra for critical components
Optimize based on risk assessment

Targeted Analysis

Focus on high-risk areas

Authentication and authorization code
Payment processing logic
Data handling components
External API integrations

Analysis Results Comparison

Typical Results by Type

Mini Analysis Results
Standard Analysis Results
Ultra Analysis Results

{
  "analysis_type": "mini",
  "duration": "45 seconds",
  "credits_used": 3,
  "security_score": 78,
  "vulnerabilities_found": 8,
  "coverage": {
    "files_analyzed": 45,
    "lines_of_code": 2500,
    "functions_analyzed": 120
  },
  "top_issues": [
    "SQL Injection (Critical)",
    "XSS (High)",
    "Hardcoded API Key (Medium)"
  ]
}

{
  "analysis_type": "standard", 
  "duration": "2 minutes 15 seconds",
  "credits_used": 12,
  "security_score": 72,
  "vulnerabilities_found": 15,
  "coverage": {
    "files_analyzed": 45,
    "lines_of_code": 2500,
    "functions_analyzed": 120,
    "data_flows_traced": 85,
    "dependencies_analyzed": 23
  },
  "advanced_findings": [
    "Race condition in payment processing",
    "Business logic bypass in user registration",
    "Insecure direct object reference"
  ]
}

{
  "analysis_type": "ultra",
  "duration": "7 minutes 30 seconds", 
  "credits_used": 35,
  "security_score": 68,
  "vulnerabilities_found": 23,
  "coverage": {
    "files_analyzed": 45,
    "lines_of_code": 2500,
    "functions_analyzed": 120,
    "data_flows_traced": 150,
    "dependencies_analyzed": 45,
    "attack_scenarios_modeled": 12
  },
  "threat_analysis": {
    "attack_chains": 5,
    "privilege_escalation_paths": 3,
    "data_exfiltration_vectors": 7
  },
  "compliance_results": {
    "pci_dss": "Failed (3 critical issues)",
    "owasp_top_10": "Partial compliance"
  }
}

Analysis Tip: Start with Mini analysis to get familiar with the platform, then use Standard for regular development, and Ultra for critical releases or compliance requirements.

Introduction

Getting Started

Installation & Deployment

Architecture

User Guides

Troubleshooting

Analysis Types

Analysis Types

Overview of Analysis Types

Ron AI 2 Mini

Ron AI 2 Standard

Ron AI 2 Ultra

Ron AI 2 Mini (Quick Scan)

When to Use

What It Detects

Example Use Cases

Ron AI 2 Standard (Comprehensive Audit)

When to Use

Advanced Detection Capabilities

Example Configuration

Ron AI 2 Ultra (Deep Analysis)

When to Use

Cutting-Edge Analysis

Advanced Configuration

Choosing the Right Analysis Type

Decision Matrix

Cost Optimization Strategies

Layered Approach

Targeted Analysis

Analysis Results Comparison

Typical Results by Type

Introduction

Getting Started

Installation & Deployment

Architecture

User Guides

Troubleshooting

​Analysis Types

​Overview of Analysis Types

Ron AI 2 Mini

Ron AI 2 Standard

Ron AI 2 Ultra

​Ron AI 2 Mini (Quick Scan)

​When to Use

​What It Detects

​Example Use Cases

​Ron AI 2 Standard (Comprehensive Audit)

​When to Use

​Advanced Detection Capabilities

​Example Configuration

​Ron AI 2 Ultra (Deep Analysis)

​When to Use

​Cutting-Edge Analysis

​Advanced Configuration

​Choosing the Right Analysis Type

​Decision Matrix

​Cost Optimization Strategies

Layered Approach

Targeted Analysis

​Analysis Results Comparison

​Typical Results by Type

Analysis Types

Overview of Analysis Types

Ron AI 2 Mini (Quick Scan)

When to Use

What It Detects

Example Use Cases

Ron AI 2 Standard (Comprehensive Audit)

When to Use

Advanced Detection Capabilities

Example Configuration

Ron AI 2 Ultra (Deep Analysis)

When to Use

Cutting-Edge Analysis

Advanced Configuration

Choosing the Right Analysis Type

Decision Matrix

Cost Optimization Strategies

Analysis Results Comparison

Typical Results by Type