The all-in-one open source security scanner

Use Tunnel to find vulnerabilities (CVE) & misconfigurations (IaC) across code repositories, binary artifacts, container images, Kubernetes clusters, and more. All in one tool!

Get started Read the Docs

It's all about the community!

Tunnel is praised by professionals worldwide. Are you a Tunnel fan as well? We'd love to hear from you!

Share your story Discuss on GitHub

Sam White, GitLab

Case Study

"Tunnel was a clear leader in the market as far as features, functionality, and capabilities"

Ariadne Conill, Alpine Security

@ariadneconill

...the tl;dr is basically Khulnasoft's Tunnel is the best one, all of the other ones are a waste of time

Harbor Team

Harbor blog

"Tunnel takes container image scanning to higher levels of usability and performance."

Milind Gadre, Mirantis

Mirantis

"After evaluating several leading options for open source vulnerability scanning, Tunnel really stood out"

Jerry Gambli

@JGamblin

The way the @KhulnasoftSecTeam team has turned Tunnel into the best open-source vulnerability scanner in such a short time is really amazing.

Yaney

y4ney

"Tunnel is, by far, the best open-source tool for cloud-native security that I have ever used"

Ulises Galeano, MasterCard

ulises-galeano

"This tool just keeps getting better and better..."

Damian Naprawa

@DamianNaprawa

"So happy to see collaboration between @Azure and @KhulnasoftSecTeam on scanning container images in Azure Container Registry CI/CD workflows using such a great tool - Tunnel."

Mustafa Akin, Resmo

mustafaakin

"I love how Tunnel democratized dependency scanning to the masses as a free and extremely easy to use tool, with also a permissive license. This used to be a gated community with predatory security vendors charging premium, and they were not half as good as Tunnel."

dynaptik, Deutsche Bahn

@dynaptik

"Tunnel easily for what it brings to the table (secret scanning, vuln scan, license check) and little effort required. Bang for the buck it's pretty amazing"

Cristiano Corrado, Wise

wise-engineering

"The discovery process led us to evaluate multiple open-source tools ... The final decision was to use Tunnel"

Saim Safdar

@cloudnativeboy

"my favorite @Docker extension. (Tunnel)"

Jonathan Gonzalez V., CloudNativePG

@sxd

"Thanks @KhulnasoftSecTeam for creating Tunnel and help us to improve @CloudNativePg security"

Andy Roberts, Vista

@andyr8939

"I've tried a few and all have pros/cons but I found that Tunnel is the best of them"

Ali Faraj, Antigen Security

@andyr8939

"Tunnel from Khulnasoft Security is my new favorite tool... It's such a powerful tool with the ability to generate SBOMs, find vulnerabilities, misconfigurations, and secrets!"