COBOL · RPG · CL · DDS · SQL · PL/SQL

The enterprise's DNA,
made readable.

Afunana reads the systems that actually run your business — and reconstructs the knowledge buried inside them. It builds a queryable map of every program, file, and field, then turns it into documentation a business can read, plain-language answers with citations, detection of the defects that never throw an error, and safe, validated change plans. Installed on your own infrastructure, with the AI provider you choose.

IBM i (AS/400) Oracle SQL z/OS mainframe — on the roadmap
Afunana system overview — business-level documentation generated from legacy source code
On-premise, zero vendor access Fully air-gapped option Every answer cited to a source line Mapped to OWASP, ISO 27001, SOC 2 Documentation in any language
Why it matters

The systems work. The understanding is leaving.

The applications that run core operations at many IBM i, Oracle, and mainframe organizations are decades old. The people who built and maintained them are retiring, the documentation is out of date, and the knowledge of why the code does what it does leaves with them. That makes every change risky, every audit slow, and modernization hard — because no one can say exactly what the system does. Afunana closes that gap.

Preserve institutional knowledge

Capture what your retiring experts know — the business rules and intent — straight from the source code, before it's gone.

Reduce the risk of change

See the full blast radius of any change — every program, file, and field affected — and get a validated plan before it reaches production.

Catch the silent failures

Find the costliest, best-hidden defects — the ones that produce no error message and only surface when real data hits them.

Stay audit-ready

Documentation on demand, every claim cited to a source line, backed by a tamper-evident audit trail and field-level data lineage.

What it does

From source code to system knowledge

Afunana connects to your system, extracts the source, and builds a persistent knowledge graph of how everything connects. On top of that graph it describes what every program does in business terms — not a transcript of the code, but what it means and why it matters — with every statement traced back to the exact source line, so any claim can be verified.

Documentation

Business-level program documentation

Every program gets a structured document at three levels — business, systems, and program — covering what it does, the business rules it enforces, its data flows, error handling, and dependencies. Every statement traced to its source line.

  • Business purpose and workflow, in plain language
  • Implicit business rules surfaced from the code
  • Call trees, flowcharts, sequence diagrams, and ERDs
  • Dead-code detection, migration traps, and hidden dependencies
Program documentation with business summary and flowcharts
Navigation

Programs, files, and dependencies in one map

Searchable lists of every program and file with business descriptions and auto-generated tags. An interactive call tree shows the full dependency web, and a system-wide data dictionary catalogs every field with the programs that use it and the consequences of changing it.

  • Cross-reference any field across all programs and files
  • Trace field lineage across program boundaries
  • System overview with functional groupings and risk areas
Interactive call tree showing program and file dependencies
Chat & impact analysis

Ask questions, see what a change will break

Ask in plain language — "which programs update the customer balance?" or "what breaks if we lengthen the policy number?" — and get answers with clickable source-line citations. Describe a change and Afunana returns a full impact analysis and compile order. Fold in your own specs and manuals so it reasons over what the code reveals and what your team already wrote.

  • Every answer cites the source program and line
  • Change-impact analysis before code goes in
  • Ask mode for questions, Plan mode for change plans
Chat producing a change plan with source citations
Silent-failure detection

Find the defects that never throw an error

Deterministic checks — no probabilistic guessing — catch the costliest, best-hidden defects across program boundaries: callers and callees that disagree about a parameter's size, moves that silently truncate an amount, unhandled file status, unsafe control flow, and (on Oracle) swallowed exceptions, DML without a WHERE clause, and dynamic-SQL injection.

  • Cross-program parameter and byte-size mismatches
  • Data-truncating moves and unchecked I/O status
  • Per-check severity you control — batch chains that run clean but produce wrong results
File detail with field-level descriptions, lineage, and program references
What's different

More than a code assistant

Code tools help you write the next line. Afunana captures the business logic and data relationships embedded across decades of programs — and keeps that map current. Silent-failure detection and a governed multi-model gateway are claimed by Afunana and nobody else in this field.

A knowledge graph, not an LLM wrapper

A chat window over a context window can explain a snippet pasted into it. It does not maintain a cross-referenced map of an entire system, updated as the system changes. Afunana does — and that persistent graph is what powers every other feature.

It finds the silent failures

Built on a model of how these systems really break: cross-program parameter mismatches, truncating data moves, unhandled status, unsafe control flow. The costliest, best-hidden defects — caught structurally, before they ship.

It closes the loop, in your own style

From understanding to a validated change plan to an approved edit written back to the live system — in the codebase's own coding style, automatically enforced. Human approval at every step; stopping at the plan is the default.

One AI Hub — the right model for every phase

Every model call routes through one governed gateway. Each phase uses the model tuned for it, with automatic fallbacks, and every call is metered so you can see what a build or a query costs. Switch providers freely, with no rebuild — a disruption to any one model is a setting to change, not an outage.

On-premise or fully air-gapped

Nothing leaves your network. Run entirely offline with a local model and self-hosted embeddings. Secrets drawn from your own vault; controls mapped to OWASP Top 10, ISO/IEC 27001:2022, and SOC 2 — the questions a bank's security team asks, answered.

Bring your own documents & language

Fold the specs, manuals, and analysts' notes you already have into the same searchable, cited knowledge base — and Afunana documents your system in whatever language your teams read.

At a glance

What Afunana does

Builds a living knowledge graph of the whole estate

Business-level documentation, cited to the source line

Silent-failure detection — the defects that throw no error

Plain-language chat grounded in your code, with citations

Validated change plans, optionally executed in your own style

Runs on-premise or fully air-gapped, with zero vendor access

Governed multi-model gateway — switch providers freely

Documentation and answers in any language

How it works

Understand, plan, execute — then it stays current

Run a build once. After that, every change triggers a delta rebuild — only the affected programs get re-analyzed — so the documentation never goes stale. Structural mapping is deterministic; only the documentation step uses AI.

01 — Understand

Map the system

Extract the source, build the knowledge graph, and generate multi-level documentation, visual maps, a data dictionary, and a cited chat assistant.

02 — Plan

Plan the change

Describe a change and get a structured, validated modification plan grounded in the live codebase — what to change, in what order, and what it impacts.

03 — Execute

Apply it safely

Optionally write the approved change back to the live system, in the codebase's own style — under explicit human approval. Available as an option, not a default.

04 — Refresh

Stay current

As code changes, an incremental rebuild re-analyzes only what changed. The documentation keeps itself up to date — nothing goes stale.

Platforms & languages

What Afunana analyzes

Afunana extracts source from each platform into one common model, then documents, checks, and searches it the same way.

Supported

IBM i (AS/400)

COBOL · RPG · CL · DDS

Connect and extract via a server-side agent, map and document, detect silent failures, plan changes, and — under approval — write the fix back to the live box.

Supported

Oracle

PL/SQL · packages · data dictionary

Read-only extraction of PL/SQL and the Oracle data dictionary into the same knowledge graph, with PL/SQL-aware documentation, quality checks, and code-flow diagrams.

Supported

SQL

Plain SQL · procedures · scripts

Plain SQL goes through the same pipeline — documented, cross-referenced, and searchable alongside the programs and data it touches.

Next on the roadmap: IBM z/OS mainframe COBOL, built on the same foundation.

Who it's for

One system, readable by everyone

The same documentation serves the whole organization — each role gets what it needs from one source of truth.

Management & IT leadership

See what the system actually does

System overviews and functional maps derived from the source. Assess risk, plan resourcing, and decide on evidence — not memory.

Business analysts

Read the logic, not the code

Business rules, process flows, and data dictionaries in plain language. No IDE or terminal needed — open a browser.

Developers & team leads

Onboard faster, change safer

Understand programs you didn't write, trace dependencies, run impact analysis, and generate a validated change plan. VS Code extension available.

Auditors & compliance

Evidence, not claims

Every finding traced to a source line. Tamper-evident audit trail, cross-reference reports, and change history.

Modernization teams

Scope rewrites against reality

The "why" layer and cross-reference data reveal the real system and its traps, so modernization starts with the facts.

Deployment & control

On your infrastructure, under your control

Afunana runs as a set of Docker or Podman containers on your own network. Your source code never leaves your environment, and Afunana has no access to it.

On-premise, zero vendor access

Your server, your data, your AI. Choose the provider per role — Anthropic, OpenAI, Azure, or a fully local model via Ollama for air-gapped sites. Embeddings are computed locally and never leave the box.

Single-command install, your way

One command installs the full stack on Docker or Podman. Use the bundled database and reverse proxy, or bring your own. Pull images from a registry or install fully offline. RHEL, AlmaLinux, Ubuntu, Rocky, and Debian supported.

Enterprise security built in

SSO/OIDC, role-based access, encryption in transit and at rest, secrets from your own vault (CyberArk or HashiCorp), and a tamper-evident SHA-256 audit log with SIEM forwarding — mapped to OWASP, ISO 27001, and SOC 2.

Integrations

Works with the tools your teams already use

Afunana fits into existing workflows — in the browser, in the editor, and through AI assistants via the Model Context Protocol.

MCP Server

An authenticated endpoint (OAuth 2.0 with PKCE) lets Claude, Cursor, Copilot, and claude.ai query your programs, files, fields, and documentation directly.

VS Code Extension

One self-contained extension — no companion plugins, and no vendor connectivity client to reach the AS/400. Program docs, hover intelligence, diagnostics, call hierarchy, chat, and live source editing, right in the editor.

REST API

A full API for authentication, programs, files, chat, tags, builds, and admin operations. Build your own integrations and automations.

Questions, answered

The things buyers actually ask

Isn't this just an AI chatbot reading my code?
No. A chat window explains a snippet you paste into it; it doesn't maintain a cross-referenced map of an entire system, kept current as the system changes. Afunana's foundation is a persistent knowledge graph of program, file, and field relationships — plus native platform integration, silent-failure detection, an audit trail, and a governed multi-model gateway. The chat is one feature on top of that graph, not the product.
Which systems and languages does it support?
IBM i (AS/400) — COBOL, RPG, CL, and DDS — plus Oracle PL/SQL and plain SQL, all extracted into one common model and documented, checked, and searched the same way. z/OS mainframe COBOL is on the near-term roadmap, built on the same foundation.
Do we need special tooling or connectivity to reach the AS/400?
No. The Afunana VS Code extension is completely self-contained — one extension, no companion plugins, and no vendor connectivity client to install. Your editor never connects to the IBM i directly: it connects to Afunana, and Afunana connects to your server. Developers get docs, diagnostics, chat, and live source editing with nothing else to set up.
How is this different from our platform vendor's own AI assistant?
Vendor code assistants live inside an IDE, lean on that vendor's own infrastructure, are aimed at developers, and are tied to that vendor's model. Afunana runs in a browser anyone can open — analyst, auditor, PM — deploys on-premise with controls mapped to OWASP, ISO 27001, and SOC 2, and routes through a governed multi-model gateway instead of a single-vendor model. And it goes a step further: it produces validated change plans and, under your approval, executes them on the live system.
Where does our source code go?
Nowhere. Afunana installs on your own infrastructure and has no access to your data. Embeddings are computed locally, and you choose the AI provider per role. Point it at a local model (Ollama) and it runs fully air-gapped — nothing leaves the network at all.
How do we know it won't break production?
Structural mapping is deterministic — not a guess. Every chat answer cites the exact source line behind it. Before any change, Afunana produces a validated plan with a full impact analysis. Execution is optional, approval-gated, and writes back in the codebase's own style. The default posture is to stop at the plan and hand off to a developer.
What if our AI provider has an outage or gets restricted?
That's exactly what the One AI Hub is for. Every model call routes through one governed gateway with a primary and automatic fallbacks, and switching providers or models is a configuration change — no rebuild. A disruption to any single model becomes a setting to adjust, not a business-continuity event.
We already have some documentation — why do we need this?
Bring it. Afunana folds your existing specs, manuals, and notes into the same searchable, cited knowledge base — and unifies them with what the code itself reveals, including gaps and contradictions between the old docs and the current code.
Is it SOC 2 or ISO 27001 certified?
Afunana's security controls are mapped to OWASP Top 10, ISO/IEC 27001:2022, and SOC 2, backed by a tamper-evident audit trail and SIEM forwarding. Formal certification is in progress, expected to complete by mid-2027. In the meantime we'll walk your security team through the controls and the mappings.
Get in touch

See it on your own code

Tell us about your environment — how many programs, which platform and languages, and what you're trying to understand. The on-premise proof of concept runs on your own real source.

Afunana

169 Madison Ave. #2172

New York, NY 10016

+1 888 890 2534

support@afunana.io

Thank you. We'll get back to you shortly.

Something went wrong. Please try again or email us directly.