Qualys VMDR
Risk-based vulnerability management with automated prioritization and patching.
Open-Source Projects
Discover top open-source software, updated regularly with real-world adoption signals.
Discover top open-source software, updated regularly with real-world adoption signals.
Collaborative platform to centralize, automate, and visualize vulnerability data
Faraday aggregates and normalizes vulnerability findings from any scanner, offering multi‑user dashboards, CLI automation, and API access to streamline remediation across CI/CD pipelines.
Faraday is a vulnerability management platform designed for security teams, DevSecOps engineers, and penetration testers who need to consolidate findings from dozens of scanners. By normalizing data from over 80 supported tools, it provides a unified view that can be explored through interactive dashboards, reports, and API queries. The web interface supports multi‑user collaboration, allowing analysts to assign, track, and remediate issues together.
The solution can be launched quickly with Docker‑compose, run as a Docker container, installed from Debian/RPM packages, or built from source. A PostgreSQL database backs the platform for production use, while a lightweight local setup is possible for testing. Faraday also offers a command‑line client and REST API, enabling seamless integration into CI/CD pipelines such as GitHub Actions, GitLab CI, Jenkins, and TravisCI. Custom plugins and report importers extend its capabilities, making it adaptable to any security workflow.
When teams consider Faraday, these hosted platforms usually appear on the same shortlist.
Risk-based vulnerability management with automated prioritization and patching.
Vulnerability management with live dashboards, unified agent, and risk-based prioritization
Risk-based vulnerability management for continuous discovery, prioritization, and remediation
Looking for a hosted option? These are the services engineering teams benchmark against before choosing open source.
CI/CD pipeline integration
Automatically run Bandit and OWASP ZAP, ingest results into Faraday for continuous monitoring, reducing time to remediation.
Red team collaboration
Multiple analysts import Nmap, Burp, and Nessus outputs, share via dashboard, accelerating triage and response.
Compliance reporting
Generate aggregated vulnerability metrics for audits, simplifying evidence collection and demonstrating remediation progress.
Incident response coordination
Ingest live scan data, assign tasks, track remediation status, and reduce dwell time through coordinated effort.
Faraday can be deployed via Docker‑compose, Docker container, Debian/RPM packages, or from source using Python virtual environments.
Over 80 tools are supported through console and report plugins, including Nmap, Burp Suite, Nessus, OWASP ZAP, Bandit, and many more.
Yes, the platform provides role‑based access, shared workspaces, and dashboards designed for collaborative vulnerability management.
Use the faraday‑cli or REST API to trigger scans and import results from pipelines such as GitHub Actions, GitLab CI, Jenkins, or TravisCI.
Faraday is released under the GPL‑3.0 license.
Project at a glance
ActiveLast synced 4 days ago