@joshbressers newer tools have trended towards customization (LibAFL for fuzzing, CodeQL for static analysis) because vulnerability research requires knowledge of the code and environment to have effective results.I worry for open source having to deal with a worse version of "my scanner found a thousand uses of strcpy", and having to divert attention from actual security issues.