Security scanning tools cover a wide spread of jobs: cloud compliance, Kubernetes posture, secrets detection, vulnerability discovery, API security, and network access controls. This June 2026 view uses the supplied ToolVitals dataset, including health score, shipping score, ToolVitals score, GitHub stars, openness_label, license_label, pricing scope, and status for each ranked tool.
The ranking includes open/source-visible tools only and is ordered by ToolVitals score first, with GitHub stars used as the secondary popularity signal when scores are close. Labels are kept literal: tools marked OSI-approved OSS are described that way, and each license_label is stated as supplied rather than broadened into a generic open-source claim.
Rankings
| Rank | Tool | Openness | License | Health | Shipping | GitHub Stars | Score | Status |
|---|---|---|---|---|---|---|---|---|
| 1 | NetBird | OSI-approved OSS | AGPL-3.0 | 100 | 100 | 25806 | 100 | 🟢 Excellent |
| 2 | Prowler | OSI-approved OSS | Apache-2.0 | 100 | 100 | 13955 | 100 | 🟢 Excellent |
| 3 | Snyk | OSI-approved OSS | Apache-2.0 | 93 | 94 | 5573 | 95 | 🟢 Excellent |
| 4 | Kubescape | OSI-approved OSS | Apache-2.0 | 93 | 95 | 11470 | 94 | 🟢 Excellent |
| 5 | Strix | OSI-approved OSS | Apache-2.0 | 92 | 78 | 25875 | 89 | 🟢 Excellent |
| 6 | Trivy | OSI-approved OSS | Apache-2.0 | 85 | 78 | 36178 | 85 | 🟢 Excellent |
| 7 | Gravitl | OSI-approved OSS | Apache-2.0 | 77 | 65 | 11605 | 79 | 🟢 Good |
| 8 | Gitleaks | OSI-approved OSS | MIT | 72 | 45 | 27602 | 70 | 🟢 Good |
| 9 | Secutils | OSI-approved OSS | AGPL-3.0 | 62 | 63 | 100 | 70 | 🟢 Good |
| 10 | vulnerability-spoiler-alert | OSI-approved OSS | MIT | 64 | 63 | 139 | 69 | 🟢 Good |
| 11 | Redlyne | OSI-approved OSS | Apache-2.0 | 58 | 49 | 37 | 64 | 🟢 Good |
| 12 | Deepfence ThreatMapper | OSI-approved OSS | Apache-2.0 | 63 | 16 | 5277 | 56 | 🟡 Fair |
| 13 | OpenClarity | OSI-approved OSS | Apache-2.0 | 51 | 0 | 1461 | 42 | 🟡 Fair |
| 14 | Matano | OSI-approved OSS | Apache-2.0 | 27 | 0 | 1676 | 33 | 🔴 Needs Attention |
| 15 | Metlo | OSI-approved OSS | MIT | 31 | 0 | 1778 | 31 | 🔴 Needs Attention |
Top 3 Highlights
NetBird ranks first with a ToolVitals score of 100, health score of 100, and shipping score of 100. It is listed as OSI-approved OSS under AGPL-3.0, has pricing_scope none, and has 25,806 GitHub stars. Its description positions it as a zero-configuration mesh VPN for business, so it stands out in this security scanning set as a high-scoring network security option rather than a narrow vulnerability scanner.
Prowler also scores 100 across ToolVitals score, health score, and shipping score, but ranks second behind NetBird on the GitHub star tie-breaker with 13,955 stars. It is OSI-approved OSS under Apache-2.0 with pricing_scope none. The supplied description is broad for cloud security: it automates security and compliance across cloud environments.
Snyk ranks third with a ToolVitals score of 95, health score of 93, and shipping score of 94. It is listed as OSI-approved OSS under Apache-2.0, but its pricing_scope is hosted_cloud, which separates it from the no-pricing-scope tools above it. Its dataset description is concise: a developer-first security platform.