Every tool claims to catch critical vulnerabilities. Every scanner has a 'we found this' example. Every AI audit product shows a pretty report.

But for a dev team deciding what to add before an audit - what's the real comparison point?
Too often: reputation + vibes + nicer landing page.

We need public benchmarks. Same test cases across the board.

EVMBench is the best I've seen so far. What benchmarks do you use internally?