Enterprise

What do you like best about the product?

The interface is very clear and easy to use. Our desired use case could be implemented very easily, and we were able to quickly work with support to develop solutions that work for us. Customer support is top-notch; you get immediate responses, and they take care of users' problems and concerns right away. The regular port scans help us keep an eye on our attack surface without having to write many scripts ourselves. The integration of GitHub in conjunction with our own templates completes the platform and offers us very high added value. In our internal External Attack Surface Management, Project Discovery is therefore indispensable.

What do you dislike about the product?

When first getting started, you have to search a bit for the countless functions and features, but you quickly get the hang of it!

What problems is the product solving and how is that benefiting you?

As part of our EASM process, it is important to perform port scans to regularly check from the outside whether ports are mistakenly open or not. We can schedule our own Nuclei templates with Project Discovery and have new ports scanned automatically.

What do you like best about the product?

ProjectDiscovery's open-source tool suite has completely revolutionized my security workflow. Whether you're a penetration tester, bug bounty hunter, or red teamer, these tools are battle-tested, fast, and developer-friendly.

🔍 Nuclei is the crown jewel. Its templating engine is blazing fast, supports parallel scanning, and allows for custom YAML-based templates, making it easy to scale your recon and vulnerability discovery across thousands of assets in seconds. The community around it is vibrant, and the shared templates library on GitHub is a goldmine of continuously updated detection capabilities.

📡 Subfinder is incredibly accurate and lightning quick for passive subdomain enumeration. It integrates seamlessly with multiple sources and provides a solid foundation for mapping an organization's external attack surface.

🕵️ httpx is my go-to for validating and probing large volumes of targets. Whether I'm checking for HTTP response behavior, status codes, or CDN/waf fingerprints—httpx delivers consistently with great customization.

🔐 Naabu for port scanning is lean yet powerful. It's great for quick visibility into exposed services, and when paired with Nuclei, forms an unbeatable combo for surface mapping and vulnerability discovery.

💡 What sets ProjectDiscovery apart is their modular, CLI-first philosophy, clean Go codebases, and ease of integration into CI/CD pipelines. They’re perfect for automating security at scale.

What do you dislike about the product?

While the CLI-first design is a strength, there's still a lot of scope to enhance the user experience with a more intuitive and unified UI.

What problems is the product solving and how is that benefiting you?

ProjectDiscovery is solving the critical challenge of scalable, automated reconnaissance and vulnerability detection. In modern security workflows—especially in bug bounty, red teaming, and large-scale asset monitoring—manual enumeration and scanning are inefficient and error-prone.

Their tools like Nuclei, Subfinder, httpx, and Naabu help automate every stage of external surface mapping: from discovering subdomains and probing ports to identifying misconfigurations and known vulnerabilities. This has significantly reduced the time I spend on repetitive tasks, allowing me to focus on deeper analysis and exploitation.

By integrating seamlessly into CI/CD pipelines and supporting easy scripting, ProjectDiscovery enables continuous security testing—a major benefit in fast-moving environments. The performance, speed, and customization offered by their tools have streamlined my workflow and improved both the quality and coverage of my assessments.

What do you like best about the product?

The ProjectDiscovery Cloud Platform brings a modern take on vulnerability management. Built upon their solid open source foundation (Nuclei, Cloudlist, httpx and friends), the platform was extremely easy to plug in to our existing infrastructure for asset discovery and for us to start seeing value immediately. All of the expected integrations (Slack, Jira, webhook etc.) are available and work well. Whilst the plethora of community Nuclei templates gives extensive vulnerability scanning coverage, we also run some of our own for bespoke use-cases (and there's even some AI assistance to help with that). With all of this in mind, the core capability of vulnerability management works very well, with zero/low false positives, and quick detection of anything that needs to be mitigated or remediated. The team at ProjectDiscovery are excellent - they're quick to provide support if needed and it's clear that they genuinely care about building a produce that revolutionises the way vulnerability management works.

What do you dislike about the product?

No downsides to report. The ProjectDiscovery Cloud Platform delivers exactly what we need.

What problems is the product solving and how is that benefiting you?

Continuous vulnerability management, with actionable output and low noise.

What do you like best about the product?

The combination of speed, scalability, and the ongoing intelligence driven by its active community makes this solution a great addition to existing tooling. We were able to gain coverage across our complex cloud environment and conduct scans in a fraction of the time it used to take, and the constantly updated Nuclei templates provide invaluable, real-time insights into emerging threats. The ability to quickly create custom templates and proactively identify our exposure, has been a differentiator and the overall onboarding and ease of implementation was incredibly simple, both for blind asset discovery and cloud integrations. The support team is on top of all requests and receptive of enhancement requests.

What do you dislike about the product?

Some organizations with highly complex and deeply integrated security ecosystems might find the current platform to be somewhat less feature-rich compared to more mature, all-encompassing enterprise solutions. More extensive workflow automation capabilities could further enhance its overall utility within larger, more established security operations centers. However, their focus on core functionality is also what contributes to its speed and efficiency, and I anticipate that they will continue to expand the feature set over time based on user feedback and market demands.

What problems is the product solving and how is that benefiting you?

We started using ProjectDiscovery when our team was looking for innovative solutions to keep up with the scale and complexity of our expanding attack surface. What stood out immediately was how fast and easy it was to get going — we had scans running within 30 minutes of first logging into the platform, including full coverage across 60+ AWS accounts. The performance is seriously impressive. What used to take days with custom scripting now takes minutes and the results themselves are actionable. Centrally located in a management platform the entire team can use - this immediately replaced a lot of our custom scripting and supplemented our existing enterprise tooling.

What I really appreciate is how community-driven the whole platform is. The Nuclei templates are constantly updated, which keeps us ahead of the curve and provides transparency on emerging threats - I know what templates are loaded and get full visibility into the conditions that trigger alerts right in the platform - making it much easier to evaluate findings. ProjectDiscovery open source tooling has already become a key part of our security ops, and it’s clear the team behind the enterprise offering is working to understand the needs of it's practitioners.