Vulkro vs Trivy
If you are choosing a security scanner for a codebase that AI assistants now write much of, two questions come before any feature list: where does your code go when the tool runs, and does the tool give the same answer twice. This page compares Vulkro and Trivy on both, then on a published benchmark you can rerun.
The two things this page leads with:
- Your source code never leaves your machine. Both tools run offline as a single binary, so this is a tie on intent. Neither uploads your source. That is the right baseline for any modern scanner, and both clear it.
- Application-layer SAST depth. This is the wedge. Trivy is excellent at containers, IaC, and software composition (SCA), but it is thin on multi-class application SAST: the broken access control, injection, SSRF, IDOR, mass-assignment, and auth-bypass findings that live in your own code rather than in a dependency manifest. Vulkro is built for exactly that surface, in the same offline binary, and bundles its own CVE / SCA pass so you do not give up Trivy's strengths to get it.
Trivy (from Aqua Security) is the most widely adopted offline scanner for containers and infrastructure. It is fast, it is genuinely free, and for "scan this image and this Terraform" it is a great default. The honest comparison is about what each tool is built to find.
At a glance
| Vulkro | Trivy | |
|---|---|---|
| License | 14-day trial on first sign-in; licenses issued directly by our team | Apache 2.0 |
| Runs where | Your machine | Your machine |
| Source code uploaded | Never | Never |
| Telemetry | Six usage fields: product, install id, version, operating system, timestamp, and a scan counter. Never code or findings | None |
| Container image scanning | Via the image / IaC pass | Flagship strength |
| IaC / misconfiguration | Yes | Flagship strength (Terraform, K8s, Dockerfile, CloudFormation) |
| Dependency CVE / SCA | Local bundle (OSV+NVD+KEV+EPSS), in-scan | Flagship strength (broad ecosystem coverage) |
| Secrets scanning | Yes (including git history) | Yes |
| Multi-class application SAST | Flagship strength (taint flow, OWASP API Top 10) | Thin (no cross-file taint analysis of app logic) |
| Cross-file taint flow | Yes, default-on | No |
| OWASP API Top 10 + LLM Top 10 | All 10 + LLM 01/06 | Not the focus |
| Salesforce (Apex / LWC / Flow) | Separate Vulkro for Salesforce edition | No |
| Public benchmark | Reproducible | N/A for app-SAST class |
Benchmark numbers
On our published corpus (15 deliberately vulnerable projects, 90 catalogued bugs, 76 in the supported-language roll-up) Vulkro scores precision 0.81, recall 0.58, F1 0.68 for application-class bugs at its default high-confidence setting. In July 2026 we grew that ground truth from 69 to 90 catalogued bugs and published the recall drop that came with it; the corpus is versioned and the numbers regenerate from one command.
To be plain about it: the harness does not include Trivy yet, so this page carries no benchmark numbers for Trivy at all, invented or otherwise. Trivy is not built to find that class of bug, which is exactly the point: the two tools cover different ground. The comparison here is architecture and scope, not a scored head-to-head.
$ bench/comparison/run.sh --tier1 · scores: bench/comparison/scorecard-high.md
The architectural distinction
Trivy and Vulkro are not really competing for the same finding. They overlap on the perimeter (CVEs in dependencies, secrets, container and IaC misconfiguration) and diverge on the core (application logic).
- Trivy answers: is anything in my supply chain or my infrastructure config known to be vulnerable or misconfigured? It is a scanner of artifacts and manifests. It does not build a call graph of your application and follow tainted input from an HTTP handler to a sink.
- Vulkro answers that supply-chain question too (its CVE bundle runs in the same scan), and then goes further: it builds the cross-file taint flow, so a request parameter that reaches a SQL string, a file path, an SSRF-able URL, or an unprotected DML call surfaces as a finding with the path that connects them.
Where Trivy wins
Concessions first, because they are real:
- Container and IaC breadth is unmatched in this comparison. Image scanning, Terraform, Kubernetes, Dockerfile, CloudFormation: Trivy's flagship ground, wider and deeper than Vulkro's image and IaC pass.
- Broader SCA ecosystem coverage. Trivy matches CVEs across more package ecosystems than Vulkro's five (npm, PyPI, Go, Cargo, Maven).
- It is free. Apache 2.0, no license term, no tiers. If your need is artifact and manifest scanning, you may never need to pay anyone.
When to pick Vulkro
- You need application-layer SAST: broken access control, injection, SSRF, IDOR, mass-assignment, auth bypass, found by cross-file taint analysis of your own code.
- You want CVE / SCA, secrets, IaC, and container checks plus deep app SAST from one offline binary and one report.
- You want the OWASP API Top 10 and LLM Top 10 (LLM01 / LLM06) out of the box.
- You want a paid, supported product with a vendor on the hook. Create an account and your first CLI sign-in starts a 14-day trial of the full product; Vulkro is licensed per seat, directly through our team, at [email protected].
Run them together
There is no conflict in running both. A common shape:
# Supply chain + infra, Trivy's strength:
trivy fs --scanners vuln,misconfig,secret . --format sarif --output trivy.sarif
# Application-layer SAST + in-scan CVE, Vulkro's strength:
vulkro scan . --format sarif > vulkro.sarif
# Both emit SARIF; GitHub Code Scanning ingests either file.
Use Trivy for the artifacts and the infrastructure, Vulkro for the application logic. If you only want one binary, pick the tool whose flagship strength matches the risk you are most exposed to.
See also: Vulkro vs Semgrep, Vulkro vs Bearer, Vulkro vs Snyk, Compare the scanners, Best offline SAST, Benchmark.