Free trial

Try Cerbi without Azure

Open a preconfigured playground, run one command, and see how Cerbi governs risky logs before they reach your observability stack.

No Azure required. No code upload. GitHub account required for Codespaces. Usage may count against your GitHub quota.

Choose your path

Three ways to try Cerbi. All are free, all are read-only, and none require Azure.

Codespaces

Fastest — no local setup

Open the demo repo in GitHub Codespaces. Everything is preconfigured: unsafe sample logs, governance rules, a working policy file, and the run-demo script. Ready in about 60 seconds.

GitHub account required. Usage may count against your GitHub quota.

Docker Compose

Local demo — under 5 minutes

Clone the demo repo and run the compose stack locally. No cloud account required. Runs on any machine with Docker installed.

Requires Docker Desktop or Docker Engine.

Scan your repo

Scan your own code

Install the Cerbi Scanner CLI and run it against your own codebase. Read-only. Nothing leaves your machine. Supports C#, Go, Java, Node/TypeScript, and Python.

No account required. No code upload.

What happens in the demo

Five steps from your code to governed telemetry.

1

Code / Repo

Your existing codebase

2

Cerbi Scanner

Static analysis, no code changes

3

Governance Policy

Rules checked in to version control

4

Findings & Fixes

JSON, SARIF, Markdown output

5

Safe Telemetry

Governed logs reach downstream tools

Terminal walkthrough

Clone the repo, run one script, read findings. That is the entire demo.

cerbi-log-risk-demo
git clone https://github.com/Zeroshi/cerbi-log-risk-demo
Cloning into 'cerbi-log-risk-demo'...
cd cerbi-log-risk-demo
./scripts/run-demo.sh
Scanning 4,831 log statements across C#, Java, Go, Python, Node/TypeScript...
HIGH AuthService.cs:88 token logged in structured field
HIGH CheckoutService.java:112 cardNumber exposed via log4j2
HIGH user_handler.py:67 ssn in stdlib logging call
MED api/orders.go:43 raw request body logged via zap
MED webhook.ts:91 auth_token exposed in Winston
27 risky log calls found. See scan-results/ for JSON, SARIF, Markdown.

What you'll see

  • Unsafe logs with PII, secrets, tokens, raw payloads, and high-cardinality fields
  • Governance profile rules mapped to each finding
  • Scanner findings with file, line, and severity
  • Markdown, JSON, and SARIF output
  • CI/CD gate example — one flag flips report mode to gating mode
  • Before/after governed telemetry comparison

After the demo

Scanner findings become governance evidence. When findings matter across teams, CerbiShield adds centralized policy, scoring, audit history, and runtime enforcement — deployed into your Azure tenant.

Ready to see what your logs are leaking?

Open the playground in Codespaces and get your findings count in about five minutes.

No Azure required. No code upload. GitHub account required for Codespaces.

[ cerbi ] · Start now

One NuGet package. No pipeline changes. Policy-as-code governance that runs in-process before sensitive data ever reaches Splunk, Datadog, or Azure Monitor.

14-day free trial/No credit card/Works with Serilog · NLog · MEL
Cerbi | Find PII, Secrets & Sensitive Data in Application Logs