VulnGuard

$ vulnguard --scan

Ship secure code without babysitting scanners.

Connect your GitHub, GitLab, or Bitbucket repositories. VulnGuard tracks dependency vulnerabilities, SAST issues, and exposed secrets — auto-fixes what's fixable, queues the rest for review.

$ vulnguard --how

How it works

1. $ connect --provider github,gitlab,bitbucket

Link your repos in seconds, no CI config required.

2. $ scan --tools osv,semgrep,gitleaks

Every push gets checked for vulnerable dependencies, code flaws, and leaked secrets.

3. $ fix --auto-pr

Dependency issues get a pull request automatically, respecting your severity threshold.

4. $ review --queue

SAST and secrets findings land in a manual review queue with full context, never silently auto-merged.

$ vulnguard --preview

The dashboard, live

vulnguard.app/dashboard
  • 12 repos connected
  • 34 open findings
  • 18 auto-fixed this month
  • 6 needs review

recent findings
  • critical: lodash@4.17.19 (pr opened)
  • high: axios@0.21.1 (auto fixed)
  • high: aws_access_key_id (needs review)
  • medium: sql-injection @ users.py:142 (needs review)
  • medium: flask@1.1.2 (open)
  • high: next@13.4.0 (auto fixed)

Auto-fix dependencies

Open PRs bumping vulnerable packages automatically, respecting your severity policy.

Track every finding

Lifecycle from open → auto_fixed → pr_opened → needs_review → ignored, always visible.

SAST & secret scanning

Semgrep, Gitleaks, Trivy, OSV — one queue, one review workflow.

# most tools solve one piece. we cover the whole loop.

Why not just use X?

feature | VulnGuard | GitHub Advanced Security | Snyk | Renovate
Multi-provider (GH+GL+BB)
Auto-fix PRs
SAST scanning
Secret scanning
Manual review queue
Pricing model | flat | per-seat | per-seat | free/oss

$ vulnguard --pricing

Simple pricing

Free
$0/mo
  • Up to 2 repos
  • Weekly scans
  • Manual review only
  • Community support
most popular
Indie
$19/mo
  • Up to 15 repos
  • Daily scans
  • Auto-fix enabled
  • Email alerts
  • All 3 providers
Team
$49/mo
  • Unlimited repos
  • Real-time scans on push
  • Auto-fix + auto-merge policies
  • Priority support
  • SSO on request

$ vulnguard --faq

Frequently asked

Yes. OAuth scopes request read access to your private repos on GitHub, GitLab, or Bitbucket. Tokens are encrypted at rest and never exposed to the browser.