Bearer

Vulnerability Scanning

A static application security testing (SAST) tool that scans source code for security and privacy risks across multiple languages.

Track releases GitHub Website

Go Latest v2.0.2 · 16d ago Security brief →

Features

Detects OWASP Top 10 and CWE‑Top 25 vulnerabilities via built‑in rules
Identifies sensitive data flows and PII/PHI usage for privacy compliance
Supports a wide range of languages (Go, Java, JavaScript, TypeScript, PHP, Python, Ruby, C#, Kotlin, Elixir, VB.Net)
Provides both an open‑source CLI and a commercial Pro offering

Recent releases

View all 3 releases →

No immediate action

v2.0.2 Mixed 16d

Field‑name support + M5 segfault fix

Open

v2.0.0 New feature 4mo

Notable features

Reduced false positives
Improved grammar support
Support for new file types

View release on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Releases

View all →

Releases per month

J

F

M

A

M

J

Cadence 0.1 / wk

Last release 16d

Tracked 3

Security

Full profile →

Security score 8.4/10

OpenSSF 6.7/10

Open CVEs 0

SECURITY.md Active maintainer

Community

GitHub stars 2,673

Forks 142

Open issues 20

Open PRs 4

Stars/wk velocity 0.0

About

Stars

2,673

Forks

142

Languages

Go HTML C

Downloads/week

454 ↓35%

NPM Maintainers

4

Contributors

17

View on GitHub View on npm Homepage Documentation

Install & Platforms

Install via

shell-script brew apt docker

Similar tools

Deepfence ThreatMapper

kastelldev/kastell

UPinar/contrastapi

About

Stars

2,673

Forks

142

Languages

Go HTML C

Downloads/week

454 ↓35%

NPM Maintainers

4

Contributors

17

View on GitHub View on npm Homepage Documentation

Install & Platforms

Install via

shell-script brew apt docker

Similar tools

Deepfence ThreatMapper

kastelldev/kastell

UPinar/contrastapi

Beta — feedback welcome: [email protected]