SiriusScan is an open-source security engineering platform for teams that want continuous visibility, faster risk triage, and practical remediation workflows.
We build security tooling for real operators and developers: discover assets, identify vulnerabilities, prioritize what matters, and integrate security work into day-to-day delivery.
- Continuous discovery and scanning across hosts, services, and infrastructure
- Vulnerability intelligence and risk prioritization using actionable severity context
- Operational workflows for remediation tracking and security posture reporting
- API-first and automation-friendly components for modern DevSecOps pipelines
- Quick start: https://sirius.opensecurity.com/docs/getting-started/quick-start
- Installation: https://sirius.opensecurity.com/docs/getting-started/installation
- API docs: https://sirius.opensecurity.com/docs/api/rest/authentication
- Security policy: https://github.com/SiriusScan/Sirius/security/policy
- Project discussions: https://github.com/SiriusScan/Sirius/discussions
Sirius- Core platform, orchestration, documentation, and deployment baselinego-api- Backend API services for integrations and platform operationsapp-scanner- Scanning execution service for discovery and vulnerability collectionapp-agent- Agent runtime for distributed scanning and remote execution patternspingpp- Network diagnostics and supporting connectivity utilitieswebsite- Public website, messaging, and product-facing content
We welcome improvements in code, testing, documentation, and security hardening.
- Contribution guide: https://github.com/SiriusScan/Sirius/blob/main/CONTRIBUTING.md
- Code of conduct: https://github.com/SiriusScan/Sirius/blob/main/CODE_OF_CONDUCT.md
- Support channels: https://github.com/SiriusScan/Sirius/blob/main/SUPPORT.md