ScanGate

ScanGate is a web app (with a lightweight CLI) that runs targeted web application vulnerability scans automatically on every pull request and deployment, then enforces release gates based on evidence, not noisy severity labels. Instead of dumping a long report, it produces a short “release brief” with reproducible steps, affected endpoints, request/response snippets, and a confidence score. It supports authenticated scanning via ephemeral test accounts and can replay key flows (login, checkout, admin actions) using recorded scripts. Results are tracked over time per service and per route, so teams can see whether risk is actually shrinking. It integrates with GitHub/GitLab, Slack, and common CI systems to fail builds only when findings are high-confidence and exploitable. Reality check: it won’t replace full pentests or mature enterprise scanners, but it can catch common, high-impact issues earlier with less developer fatigue.