@mattes @Niklas_L
But would that be done by a tool? Vulnerability scanning should not be a manual
task.

If you mean awareness and best practices, this could be added.

It would be interesting what resources you hand to your developers.