Resource hub

Benchmarking Neo's Black-Box DAST Capabilities

Since the launch of Neo, we've been steadily expanding what it can do. Neo has found 33+ real CVEs across open-source projects, performed well on white-box security testing where source code is available, and generally proven itself as a capable security engineer when it has context to work with. What we hadn't shared yet is how Neo does when it's operating purely as a black-box DAST agent no source code, no architecture context, just a URL. The prompt Neo gets is a minimal prompt with no guida

WebinarNeoDAST

DAST: A blast from the past

Legacy DAST struggles with modern apps. Learn where it still fits, where it fails, and what to ask when evaluating a modern DAST replacement.

WebinarNeo

Can't we do this with Claude Code?

We ran the experiment so you don't have to. Join our Founding Solutions Engineer, Davis Franklin, for a live look at the execution harness behind Neo and why it's harder to replicate than it looks.

WebinarNeoContinuous Pentesting

Continuous Pentesting with Verified Proof

See how Neo continuously combines code understanding and runtime exploitation to find business logic flaws, complex IDORs, and auth bypasses that black-box tools miss.

Resource hub

Benchmarking Neo's Black-Box DAST Capabilities

DAST: A blast from the past

Can't we do this with Claude Code?

Continuous Pentesting with Verified Proof

Book a demo.

DAST: A blast from the past

Can't we do this with Claude Code?

Continuous Pentesting with Verified Proof