ScanRook
Launch post

Why We Built ScanRook

Most scanners force a cloud-first workflow or overload teams with findings they cannot trust quickly. We built ScanRook to start local, stay fast, and add cloud enrichment only when you need it.

The Problem

  1. Too many findings with unclear applicability.
  2. Slow, opaque scan workflows.
  3. Friction to adopt in developer pipelines.

Our Approach: Local-First + Cloud Enrichment

  • Local scan engine runs without mandatory cloud auth.
  • Cloud enrichment adds context, org workflows, and scaling controls.
curl -fsSL https://scanrook.sh/install | bash
scanrook scan --file ./image.tar --mode deep --format json --out report.json

What Makes ScanRook Different

  1. Installed-state-first model.
  2. Confidence tiering for findings (confirmed vs heuristic).
  3. Workflow visibility from queue to completion.
  4. API and org controls for managed team operations.

What's Next

  • Reproducible benchmark reports vs common tools.
  • CI integrations (GitHub Actions first).
  • Expanded distribution (Homebrew, crates.io, Docker).

Try It

curl -fsSL https://scanrook.sh/install | bash
Install CLISign in to platformBack to blog