Scan Performances and Results

Open Source Vulnerability Scanners

We've used 20+ built-in open-source vulnerability scanners in Kondukto to detect:

  • Vulnerabilities in code (SAST) or at run time (DAST)
  • Vulnerabilities in third-party libraries and dependencies (SCA)
  • Misconfigurations in containers (CS) and infrastructure (IaC)

Vulnerability Details

Benchmark Scanner Performance

You will have full access to vulnerability details to benchmark the performance of different scanners.

You can add comments, screenshots or additional information to help with triage, and even send false-positive requests that will be approved by the platform's admin.

Comparisons (Speed, Accuracy, Coverage)

False Positives and Negatives

You can help with triaging security issues and we can get accuracy/coverage-related metrics for each tool.

This way, you can also compare the performance of your commercial tools against open-source scanners to validate the added value.


Juice Shop, Broken Crystals, Altoro and Vulnerable Flask

Most Popular Test Beds

We've used the most popular intentionally vulnerable applications to monitor the performance of open-source security scanners.
