Skip to content
AlertaVuln

Know the moment a CVE puts your software at risk

AlertaVuln watches the vulnerability feeds and scans the code you actually run - event-driven CVE alerting plus code & dependency scanning, with every finding triaged RED / YELLOW / GREEN and the reasoning to back it up.

Event-driven, not scheduled

CVE announcements trigger scans of your connected repositories the moment they land - you don’t wait for a nightly CI job to find out you’re exposed.

RED / YELLOW / GREEN, with reasoning

Every alert carries a three-tier verdict - RED YELLOWGREEN - plus the reasoning behind it, so you can triage in seconds instead of wading through raw severity noise.

Your code never leaves your machine

Local code scanning (SAST) via the CLI runs a series of specialised scans on your machine - unlimited and free on every plan.

Every surface, one verdict

The web app, the CLI and the MCP server all read the same server-side intelligence - the verdict is identical wherever you check.