Inside the benchmark: app architectures, walkthroughs of findings, and what each scanner actually caught

projectdiscovery.io · projectdiscovery · 1 day ago · research
AI Summary

Part 2 of a security benchmark study comparing LLM-based security scanners (Neo, Claude Code) against traditional SAST/DAST tools on AI-generated code, finding that Neo detects more true positives with fewer false positives by validating findings against running applications.

This is Part 2 of our vibe coding security benchmark study. In Part 1, we compared how LLM-based security tools like ProjectDiscovery's Neo and Claude Code performed against traditional SAST and DAST scanners on AI-generated code. We found that LLM-based tools like Neo and Claude Code detected many high-value findings that traditional scanners missed. Between Neo and Claude Code, Neo produced more true positives and fewer false positives because it could validate hypotheses against a running app