Security scanning buyers are comparing tools that cover very different parts of the stack: cloud posture, Kubernetes, API security, secrets, containers, AI-agent controls, vulnerability management, and CI/CD checks. The ToolVitals dataset for May 2026 scores 50 Security Scanning Tools using the supplied health, shipping, GitHub star, status, and ToolVitals score fields.
The ranking is ordered by ToolVitals score from highest to lowest, with GitHub stars used only as a secondary popularity signal when scores are tied. That is why several tools with a 94 ToolVitals score lead the list, and NetBird ranks ahead of other 94-score tools because it has the largest GitHub star count among that tied group.
Rankings
| Rank | Tool | Health | Shipping | GitHub Stars | Score | Status |
|---|---|---|---|---|---|---|
| 1 | NetBird | 100 | 100 | 25010 | 94 | 🟢 Excellent |
| 2 | Prowler | 100 | 100 | 13746 | 94 | 🟢 Excellent |
| 3 | Akto | 97 | 100 | 1471 | 94 | 🟢 Excellent |
| 4 | Pipelock | 89 | 100 | 552 | 94 | 🟢 Excellent |
| 5 | CNSpec | 95 | 100 | 434 | 94 | 🟢 Excellent |
| 6 | Prosopo CAPTCHA | 95 | 100 | 294 | 94 | 🟢 Excellent |
| 7 | Relic | 95 | 100 | 166 | 94 | 🟢 Excellent |
| 8 | FoxGuard | 87 | 100 | 236 | 93 | 🟢 Excellent |
| 9 | Snyk | 90 | 89 | 5518 | 92 | 🟢 Excellent |
| 10 | OpenA2A | 85 | 100 | 14 | 92 | 🟢 Excellent |
| 11 | Kubescape | 92 | 88 | 11366 | 90 | 🟢 Excellent |
| 12 | Lyrie AI | 92 | 88 | 532 | 90 | 🟢 Excellent |
| 13 | Panguard AI | 90 | 91 | 40 | 90 | 🟢 Excellent |
| 14 | powerpipe | 86 | 88 | 503 | 87 | 🟢 Excellent |
| 15 | lopper | 83 | 100 | 1 | 86 | 🟢 Excellent |
| 16 | Copacetic | 90 | 72 | 1616 | 82 | 🟢 Excellent |
| 17 | OWASP Noir | 90 | 72 | 1189 | 82 | 🟢 Excellent |
| 18 | Sigillo | 81 | 80 | 17 | 81 | 🟢 Excellent |
| 19 | Strix | 91 | 62 | 24965 | 78 | 🟢 Good |
| 20 | Nuclei | 89 | 56 | 28249 | 74 | 🟢 Good |
| 21 | Dokuru | 76 | 72 | 6 | 74 | 🟢 Good |
| 22 | Faraday | 74 | 72 | 6464 | 73 | 🟢 Good |
| 23 | OSV.dev | 86 | 56 | 2657 | 72 | 🟢 Good |
| 24 | Pentagi | 84 | 56 | 16564 | 71 | 🟢 Good |
| 25 | SecScore | 70 | 72 | 7 | 71 | 🟢 Good |
| 26 | Gravitl | 86 | 47 | 11565 | 68 | 🟢 Good |
| 27 | Presidio | 83 | 47 | 7967 | 67 | 🟢 Good |
| 28 | Redlyne | 76 | 56 | 25 | 67 | 🟢 Good |
| 29 | Clawmoat | 65 | 55 | 39 | 60 | 🟢 Good |
| 30 | MegaLinter | 76 | 38 | 2479 | 59 | 🟡 Fair |
| 31 | ExtensionShield | 68 | 47 | 89 | 59 | 🟡 Fair |
| 32 | Wildbox | 64 | 30 | 128 | 49 | 🟡 Fair |
| 33 | Deepfence ThreatMapper | 58 | 30 | 5262 | 45 | 🟡 Fair |
| 34 | Lynis | 76 | 0 | 15620 | 42 | 🟡 Fair |
| 35 | PayloadsAllTheThings | 74 | 0 | 77491 | 41 | 🟡 Fair |
| 36 | Nettacker | 73 | 0 | 5149 | 40 | 🟡 Fair |
| 37 | OpenAnt | 70 | 0 | 512 | 38 | 🔴 Needs Attention |
| 38 | Secutils | 68 | 0 | 101 | 37 | 🔴 Needs Attention |
| 39 | Mixeway | 67 | 0 | 80 | 37 | 🔴 Needs Attention |
| 40 | CloudRec | 64 | 0 | 180 | 35 | 🔴 Needs Attention |
| 41 | ShieldPilot | 55 | 0 | 1 | 30 | 🔴 Needs Attention |
| 42 | Envy CLI | 52 | 0 | 7 | 29 | 🔴 Needs Attention |
| 43 | Lodestar Forge | 48 | 0 | 109 | 26 | 🔴 Needs Attention |
| 44 | CodeAnalysis | 39 | 0 | 1825 | 21 | 🔴 Needs Attention |
| 45 | NodeJSSCAN | 36 | 0 | 2559 | 20 | 🔴 Needs Attention |
| 46 | Matano | 32 | 0 | 1670 | 18 | 🔴 Needs Attention |
| 47 | Selefra | 33 | 0 | 544 | 18 | 🔴 Needs Attention |
| 48 | VMC | 30 | 0 | 93 | 16 | 🔴 Needs Attention |
| 49 | AgentFence | 30 | 0 | 54 | 16 | 🔴 Needs Attention |
| 50 | OSINT UI | 30 | 0 | 15 | 16 | 🔴 Needs Attention |
Top 3 Highlights
NetBird ranks first with a 94 ToolVitals score, 100 health score, 100 shipping score, and 25,010 GitHub stars. Its description points to zero-configuration mesh VPN for business, so it stands out more as secure networking infrastructure than a narrow vulnerability scanner. Within the 94-score tie group, its GitHub star count is the strongest secondary signal.
Prowler ranks second with a 94 ToolVitals score, 100 health score, 100 shipping score, and 13,746 GitHub stars. The supplied description positions it as an open-source cloud security platform for automating security and compliance across cloud environments. It is one of the clearest fits in the list for teams focused on cloud posture and compliance scanning.
Akto ranks third with a 94 ToolVitals score, 97 health score, 100 shipping score, and 1,471 GitHub stars. Its description focuses on API discovery, posture, and CI/CD testing, which makes it one of the more directly API-security-oriented tools near the top of the ranking. It has fewer stars than NetBird and Prowler, but its ToolVitals score keeps it in the leading group.
Want to see the full details, pricing, and trend data for every tool in Security Scanning? Browse all Security Scanning Tools →