Argus – RAG based vulnerability scanner (github.com)

🤖 AI Summary
Argus is a newly announced vulnerability scanner that uses Retrieval-Augmented Generation (RAG) to assess vulnerabilities in projects built with Go, Python, Rust, npm/Node.js, Maven/Java, NuGet/.NET, and Ruby. It works with local Ollama models or any OpenAI-compatible API, and keeps data private by keeping the code and processing entirely on the user's machine, with no cloud dependency. Ingestion and scanning are streamlined, and a cache of vulnerability databases keeps assessments efficient and up to date.

The project is significant for the AI/ML community because it applies advanced machine learning techniques to security in software development. Key features include version-aware filtering of CVEs, semantic cosine search for identifying vulnerabilities, and parallel processing for scanning multiple projects simultaneously. Its output formats support integration with CI/CD pipelines, so developers can quickly identify and remediate vulnerabilities while minimizing noise and false positives, which makes it a valuable tool for maintaining secure codebases in an increasingly complex development landscape.