2.3 KiB
Shannon Pro vs Shannon Lite
Technical Differences
Shannon Pro is built on advanced, LLM-powered data flow analysis inspired by the ideas of the LLM-driven Data-Flow Analysis paper. It traces data flows to identify complex, exploitable vulnerabilities with high precision. It's cloud-based with native CI/CD integration (GitHub Actions, GitLab CI, Jenkins) and supports self-hosted deployment.
Feature Comparison
| Feature | Shannon Lite (BSL 1.1) |
Shannon Pro (Commercial) |
|---|---|---|
| Core Scanning | ||
| Source-Sink Analysis | Basic | LLM-powered data flow analysis for high-precision, source-to-sink vulnerability detection |
| CVSS Scoring | ❌ | ✅ |
| Remediation Guidance | Basic | Code-level fixes |
| Integration | ||
| CI/CD Pipeline Support | ❌ | ✅ |
| API Access | ❌ | ✅ |
| Jira/Linear/ServiceNow/Slack | ❌ | ✅ |
| Deployment | ||
| Hosting | Self-hosted | Cloud or Self-hosted |
| Enterprise | ||
| Multi-user & RBAC | ❌ | ✅ |
| SSO/SAML | ❌ | ✅ |
| Audit Logs | ❌ | ✅ |
| Compliance Reporting | ❌ | ✅ (OWASP, PCI-DSS, SOC2) |
| Support | ||
| Support | Community | Dedicated + SLA |
| Cost | Free + API costs | Contact Us |
Which to Choose?
Shannon Lite: Individual researchers, small teams, or testing personal projects
Shannon Pro: Designed for organizations that want to "shift-left" and integrate security directly into their development lifecycle. Its advanced LLM-powered data flow analysis engine is ideal for catching deep-seated vulnerabilities before they ever reach production, complemented by full CI/CD integration and enterprise support.
Interested in Shannon Pro?
Shannon Pro offers enterprise-grade features, dedicated support, and seamless CI/CD integration for organizations serious about application security.
Or contact us directly:
📧 Email: shannon@keygraph.io