Sirius Scan - Open-Source Vulnerability Management Platform

Sirius Scan is an enterprise-grade, open-source vulnerability management platform that unifies network scanning, host-based agent telemetry, and operator-driven triage in one interface. Built for security teams that need speed, context, and control.

v1.0.0 ReleasedProduction-ready scanning and operator workflows

Discover, Prioritize, Investigate, and Remediate

Learn More

A Tactical Vulnerability Platform Built for Operators.

Vulnerability navigator listing CVEs with severity distribution chart and CVSS-based filtering controls

Actionable Vulnerability Intelligence

Prioritize, filter, and investigate findings with operator-focused workflows.

Sirius Scan gives you a live vulnerability navigator with severity distribution, CVSS-based filtering, grouped views, and fast export options. Move from raw findings to concrete remediation decisions without leaving the platform.

Operator Console & Agent Operations

Coordinate interactive investigations across connected agents and targets.

Use the Operator Console to execute commands, review command history, and manage active agents from a unified terminal experience. Sirius Scan combines interactive response with scalable automation for modern security operations.

Operator Console terminal showing interactive command execution and agent targeting interface

Enterprise-Grade Architecture

Microservices-based design built for scale and reliability

Sirius Scan runs on a production-ready architecture with Next.js, Go services, PostgreSQL, RabbitMQ, and Valkey. The scanning pipeline integrates Nmap, Naabu, and agent telemetry with installer-first setup and hardened deployment options.

System Monitoring & Observability

Real-time health monitoring and centralized logging

Track service health, infrastructure metrics, and vulnerability trends in real time. Sirius Scan provides centralized observability across the stack so teams can validate scan outcomes while monitoring platform stability.

Dashboard displaying service health status, container metrics, and vulnerability trend graphs

Flexible Deployment for Production and Development

Sirius Scan v1.0.0 supports installer-first startup for secure defaults, plus flexible compose workflows for production and contributor environments.

Standard Mode

Production-ready setup with installer-managed runtime secrets and complete scanning capabilities.

production

$docker compose -f docker-compose.installer.yaml run --rm sirius-installer

$docker compose up -d

Development Mode

For contributors with hot-reloading, volume mounts, and debugging tools for active development

development

$docker compose -f docker-compose.installer.yaml run --rm sirius-installer

$docker compose -f docker-compose.dev.yaml up -d

Get Started

System Requirements

Minimum Requirements

• Docker Engine 20.10.0+ with Compose V2
• 4GB RAM minimum
• 10GB free disk space
• Linux, macOS, Windows (WSL2)

Enterprise Scale

• 8+ CPU cores recommended
• 16GB+ RAM for large environments
• 500GB+ storage for scan data
• High-speed network connectivity

Effortless Setup and Powerful Usability

Ease of UseSirius Scan features a user-friendly interface and easy setup, allowing you to start scanning your network for vulnerabilities quickly and efficiently.

DocumentationComprehensive documentation helps you get started with Sirius Scan and guides you through its various features and capabilities.

CommunityAs an open-source project, Sirius Scan is backed by an active community of security professionals and developers who continuously work on enhancing the tool.

SIRIUS

SCAN