Application Security

API Security

Miggo WAF Copilot on SecurityListing: AI-powered WAF rule automation for instant vulnerability protection

Risk Assessment

DerSecur Software Composition Analysis (SCA) on SecurityListing: SCA tool for SBOM generation, dependency analysis, and open-source risk mgmt.

API Security

Offensive 360 on SecurityListing: SAST tool using virtual compilers to analyze source code for vulnerabilities

Secure Code Training

Hacksplaining on SecurityListing: Comprehensive security training platform for web developers, offering hands-on experience with real, vulnerable applications and concrete advice for securing code.

Dynamic Application Security Testing

Caido on SecurityListing: A lightweight web security auditing toolkit that simplifies security tasks and enhances productivity.

Vulnerability Assessment

Acunetix Vulnerability Scanner on SecurityListing: A comprehensive web application security testing solution that offers built-in vulnerability assessment and management, as well as integration options with popular software development tools.

Container Security

BoostSecurity Continuous AppSec Testing on SecurityListing: Continuous AppSec testing platform with zero-touch provisioning for CI/CD

Dynamic Application Security Testing

N-Stalker on SecurityListing: A web security tool that scans for vulnerabilities and known attacks.

API Security

Miggo Security Observability on SecurityListing: Runtime app security observability platform with attack path detection

Security Scanning

DeepSource SAST on SecurityListing: SAST engine that scans code commits for security vulnerabilities

Static Application Security Testing

Delphos Labs Analyze on SecurityListing: AI-powered reverse engineering tool for analyzing compiled binaries

Penetration Testing

ISE Vulnerability Assessment Services on SecurityListing: Manual vulnerability assessment services with custom exploit development

Container Security

Anchore Enterprise on SecurityListing: Anchore Enterprise is a platform that protects and secures software supply chains end-to-end.

Container Security

Conviso AppScan on SecurityListing: Orchestrates and centralizes app security testing results from multiple scanners

Vulnerability Assessment

Invicti Software Composition Analysis on SecurityListing: SCA tool with proof-based validation and runtime analysis for open-source risks

API Security

Flyingduck Software Composition Analysis on SecurityListing: SCA tool for identifying & resolving vulnerabilities in dependencies

API Security

Citrix NetScaler on SecurityListing: Application delivery controller for optimizing app performance and security

Threat Intelligence Platforms

Ossprey on SecurityListing: Ossprey is a software supply chain security platform that uses AI-powered scanning to detect malicious open source code and prevent supply chain attacks through automated policy enforcement and dependency analysis.

Penetration Testing

Conviso Platform on SecurityListing: AppSec platform for managing application security posture with consulting services

Software Composition Analysis

BoostSecurity Software Supply Chain Protection on SecurityListing: Software supply chain security platform for SDLC infrastructure protection

Application Security Posture Management

Heeler Response Orchestration on SecurityListing: Automates vulnerability remediation workflows between security and dev teams

Static Application Security Testing

DARPA Bin2Math on SecurityListing: Extracts mathematical algorithms from binary programs for CPS analysis.

API Security

Plexicus ASPM on SecurityListing: ASPM platform with automated remediation for code, dependencies, IaC, and APIs

Static Application Security Testing

Vidoc Security on SecurityListing: VIDOC is an AI-powered security tool that automates code review, detects and fixes vulnerabilities, and monitors external security, ensuring the integrity of both human-written and AI-generated code in software development pipelines.

API Security

Ghost Security Exorcist on SecurityListing: AI-driven code analysis tool for API discovery and vulnerability detection

Security Information and Event Management

Dynatrace on SecurityListing: Unified observability and security platform with AI-powered analytics

Static Application Security Testing

Arnica on SecurityListing: Arnica is an application security platform that offers real-time scanning, risk mitigation, and management across various aspects of the software development lifecycle.

Container Security

Kodem C.O.R.E. on SecurityListing: Unified engine correlating static & runtime analysis for app security

Container Security

MatosSphere Software Composition Analysis on SecurityListing: SCA tool for detecting vulnerabilities & license risks in open-source deps

Application Security Posture Management

Miggo Prove Next-Gen Runtime Vulnerability Prioritization on SecurityListing: Runtime vulnerability prioritization using code execution and attack path analysis

Dynamic Application Security Testing

GuardRails on SecurityListing: DevSecOps platform for vulnerability detection and developer security training

Security Scanning

Qualys Web Application Scanning (WAS) on SecurityListing: A cloud-based DAST solution that discovers, inventories, and tests web applications and APIs for security vulnerabilities across diverse environments.

Dynamic Application Security Testing

Boman.ai AppSec Tool on SecurityListing: ASPM platform for monitoring, prioritizing, and remediating risks across SDLC

API Security

Operant Cloud Application Detection and Response on SecurityListing: Runtime CADR platform for API security, K8s protection, and L7+ visibility

API Security

F5 BIG-IP Advanced WAF on SecurityListing: WAF protecting apps and APIs from attacks, bots, and OWASP Top 10 threats

Dynamic Application Security Testing

Heeler ASPM on SecurityListing: ASPM platform that correlates security findings and reduces alert noise by 99%

Vulnerability Assessment

Paros on SecurityListing: A Java based HTTP/HTTPS proxy for assessing web application vulnerability with various useful features.

API Security

Jsmon 2.0 on SecurityListing: JavaScript security scanner for detecting vulnerabilities in third-party scripts

Static Application Security Testing

Offensive 360 O360 on SecurityListing: SAST tool using virtual compilers to analyze source code for vulnerabilities

Software Composition Analysis

Raven Runtime Prevention on SecurityListing: Runtime protection preventing supply-chain attacks & exploits via library-level policies

API Security

Ammune API Discovery on SecurityListing: API security platform with discovery, WAF, bot protection, and DDoS defense

Risk Assessment

OctoXLabs CAASM on SecurityListing: CAASM platform for asset discovery, vulnerability mgmt, and inventory tracking

API Security

Penta Security WAPPLES on SecurityListing: Web application firewall protecting enterprise web apps and APIs

Software Composition Analysis

Finite State Platform on SecurityListing: Platform for vulnerability detection in firmware, binaries, and SBOMs

Secure Code Training

The Matasano Crypto Challenges on SecurityListing: A set of 48 practical programming exercises in cryptography and application security

Software Composition Analysis

Phylum on SecurityListing: Identifies 137 malicious npm packages and gathers system information to a remote server.

API Security

Impart on SecurityListing: A web application firewall and API security platform that combines API discovery, runtime protection, vulnerability testing, and security posture management.

Dynamic Application Security Testing

DigitSec Automated Application Security Testing on SecurityListing: Automated app security testing platform for Salesforce and B2C Commerce

Dynamic Application Security Testing

Miggo Security on SecurityListing: Application monitoring and security platform that provides runtime visibility, threat detection, and automated response capabilities for application-layer security

API Security

F5 NGINX App Protect on SecurityListing: A lightweight web application firewall that protects modern applications and APIs across distributed architectures with integrated DoS protection, bot defense, and DevOps-friendly deployment options.

Application Security Posture Management

StepSecurity on SecurityListing: StepSecurity is a platform that enhances GitHub Actions security by providing network egress control, risk discovery, action replacement, and security best practices orchestration.

API Security

Cequence CQAI on SecurityListing: AI-powered API threat detection using behavioral fingerprinting & threat intel

Software Composition Analysis

FossID Software Composition Analysis on SecurityListing: SCA tool for code scanning, license identification, and SBOM generation

Static Application Security Testing

SearchCode on SecurityListing: SearchCode is an extensive code search engine that indexes 75 billion lines of code from millions of projects to help developers find coding examples and libraries.

VPN

Huawei MDM Security on SecurityListing: Enterprise mobile device & app management platform for BYOD, COPE, and COBO

Next-Generation Firewalls

F5 BIG-IP Local Traffic Manager on SecurityListing: Application delivery controller with load balancing and traffic management

Mobile App Security

App Detonator on SecurityListing: A tool for dynamic analysis of mobile applications in a controlled environment.

Mobile App Security

class-dump on SecurityListing: A command-line utility for examining Objective-C runtime information in Mach-O files and generating class declarations.

Software Composition Analysis

DeepSource SCA on SecurityListing: SCA platform with reachability analysis, AI-powered fixes, and license compliance

Software Composition Analysis

Flyingduck Secure Every Commit on SecurityListing: Commit-level code security scanning for vulnerabilities, secrets, and licenses

Penetration Testing

Strobes ASPM on SecurityListing: A threat exposure management platform that unifies security operations by discovering assets, prioritizing vulnerabilities based on risk, and providing guided remediation across an organization's attack surface.

Static Application Security Testing

DerSecur DerScanner on SecurityListing: SAST tool that scans source code and binaries for security vulnerabilities

Penetration Testing

PortSwigger on SecurityListing: A comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities and improving security posture.

Security Scanning

DeepSource IaC Security on SecurityListing: IaC security scanner that detects misconfigurations in infrastructure code

Threat Intelligence Platforms

Heeler Runtime, Fixability-First SCA on SecurityListing: Runtime SCA tool prioritizing fixable & exploitable open-source vulnerabilities

API Security

Operant AI API Threat Protection on SecurityListing: Runtime API threat protection for Kubernetes environments with discovery

API Security

Equixly The Agentic AI Hacker on SecurityListing: AI-powered API security testing platform for continuous vulnerability scanning

Application Security Posture Management

Layer Seven Security Cybersecurity Extension for SAP Solutions on SecurityListing: Cybersecurity protection platform for SAP systems including S/4HANA and HANA

Software Composition Analysis

Endor Labs Application Security on SecurityListing: AI-powered AppSec platform for code, dependencies, and container security

API Security

Cequence API Security on SecurityListing: API security platform for discovery, testing, and protection of APIs

API Security

Akto Agentic AI Security Benchmark 2025 on SecurityListing: AI-powered API security platform for discovery, testing, and protection

Container Security

BoostSecurity Secrets Detection on SecurityListing: Scans source code and containers for 130+ types of hardcoded secrets

Static Application Security Testing

Entropy Source Evaluation on SecurityListing: Using high-quality entropy sources for CSPRNG seeding is crucial for security.

Mobile App Security

SmaliHook on SecurityListing: Original SmaliHook Java source for Android cracking and reversing.

API Security

Ostorlab Mobile Security on SecurityListing: Mobile security testing platform for Android and iOS apps with SAST and DAST

Penetration Testing

AppUse on SecurityListing: A VM for mobile application security testing, Android and iOS applications, with custom-made tools and scripts.

Risk Assessment

Koi Platform on SecurityListing: Tracks, governs, and secures software installs across endpoints and marketplaces.

Static Application Security Testing

DeepSource Autofix™ AI on SecurityListing: AI-powered code cleanup tool that automatically fixes security and quality issues

Threat Intelligence Platforms

DBAppSecurity DAS Web Application Firewall on SecurityListing: WAF protecting websites and web apps from OWASP Top 10 and zero-day attacks

Application Security Posture Management

Invicti ASPM on SecurityListing: ASPM platform for vulnerability mgmt, deduplication, triage & remediation

API Security

APIsec API Security on SecurityListing: AI-powered API security testing platform with continuous attack simulation

Dynamic Application Security Testing

Wapiti on SecurityListing: Web-application vulnerability scanner with extensive coverage of security testing modules.

Container Security

Jit on SecurityListing: An integrated application security platform that combines multiple security scanning tools with developer-focused workflows for automated code and infrastructure security testing.

Threat Intelligence Platforms

Heeler Runtime Threat Modeling on SecurityListing: AI-powered continuous threat modeling for cloud applications in runtime

Penetration Testing

PentesterLab Master Advanced Web Hacking on SecurityListing: Online platform for web app security training via hands-on labs and code review

Risk Assessment

BoostSecurity ASPM on SecurityListing: ASPM platform for monitoring and hardening app security across SDLC

Vulnerability Assessment

DerScanner Mobile Application Security Testing (MAST) on SecurityListing: Mobile app security testing platform for Android and iOS apps

API Security

Detectify API Scanning on SecurityListing: Dynamic API vulnerability scanner with payload-based testing and fuzzing

API Security

Levo Runtime Application Security on SecurityListing: Runtime application security platform for API and AI stack protection

API Security

OWASP API Security Top 10 on SecurityListing: A community website for API security news, vulnerabilities, and best practices

Software Composition Analysis

Flyingduck Code Security Intelligence on SecurityListing: SAST tool that detects logical flaws and business logic vulnerabilities

Software Composition Analysis

pac-resolver on SecurityListing: Pac-resolver, a popular NPM package with 3 million weekly downloads, has a severe remote code execution flaw.

Static Application Security Testing

DryRun Security AppSec Agents on SecurityListing: AI-native SAST tool providing contextual code security analysis in pull requests

ALPHA DS

AI Security

ALPHA DS is a focused cybersecurity service provider offering strategic consultancy and tailored information security solutions across networks, applications, data, endpoints, and OT/ICS/IOT environme

Static Application Security Testing

CodeThreat AI-Native AppSec Platform on SecurityListing: AI-native AppSec platform for code security analysis and vulnerability detection

Dynamic Application Security Testing

Heeler Application Security Lifecycle Management on SecurityListing: ASPM platform for tracking app security risks from development to deployment

API Security

SCANOSS Security Dataset on SecurityListing: Vulnerability detection dataset for declared & undeclared dependencies in code

Static Application Security Testing

Variegate on SecurityListing: Source code diversification tool that creates program variants with diversity

API Security

Wallarm API Security on SecurityListing: Unified API and AI security platform for discovery, protection, and testing

Exposure Management

Seemplicity Exposure Management on SecurityListing: Continuous threat exposure management platform for vulnerability remediation

API Security

Traceable AppSec on SecurityListing: Platform for API & app security with discovery, testing, and protection

Dynamic Application Security Testing

DerScanner Dynamic Application Security Testing (DAST) on SecurityListing: DAST tool that scans live web apps to detect vulnerabilities in real-time

Container Security

Raven Runtime Application Protection on SecurityListing: Runtime app protection with function-level reachability and exploit prevention

Static Application Security Testing

Offensive360 Offensive 360 Virtual Compiler on SecurityListing: AI-driven SAST tool using virtual compilers for source code analysis

Static Application Security Testing

Offensive 360 Secure Code Analysis on SecurityListing: SAST tool that analyzes source code for vulnerabilities using virtual compilers

API Security

Cequence Bot Management on SecurityListing: Bot detection and mitigation platform for web, mobile, and API applications

Cloud Application Detection and Response

Raven Runtime ADR on SecurityListing: Runtime detection & response for cloud workloads and application libraries

Risk Assessment

SCANOSS Geo Provenance Dataset on SecurityListing: Identifies geographic origin and authorship of open source code components

Threat Intelligence Platforms

SaltyCloud Dorkbot on SecurityListing: Automated web vulnerability scanner for SQLi, XSS, and other web app flaws

Application Security Posture Management

SaltWorks SaltMiner on SecurityListing: AppSec posture mgmt platform for aggregating & reporting app security data

API Security

Sansec Shield on SecurityListing: Web application firewall for Magento/Adobe Commerce stores

Security Awareness Training

Symbiotic Security on SecurityListing: Real-time AI-powered code security tool for IDE vulnerability detection & fix

API Security

Cequence AI Gateway on SecurityListing: Unified platform for API security, bot management, and AI gateway protection

Risk Assessment

SCANOSS Encryption Dataset on SecurityListing: Identifies cryptographic algorithms and libraries in code for compliance

API Security

Secure Blink ThreatSpy on SecurityListing: DAST platform for web app & API vulnerability scanning with AI-enabled features

API Security

Sense Defence Advanced Rate Limiting on SecurityListing: Advanced rate limiting solution for web apps and APIs with AI-driven controls

API Security

Sense Defence AI Bot Protection on SecurityListing: AI-powered bot detection and management solution for web applications

Software Composition Analysis

SonarSource Advanced Security on SecurityListing: SAST and SCA platform for code security analysis with taint analysis

Static Application Security Testing

Pixee Pixeebot on SecurityListing: AI-powered automated code security remediation bot for vulnerability fixes

Static Application Security Testing

Perforce Klocwork on SecurityListing: Static code analyzer & SAST tool for C, C++, Java, JavaScript, Python, Kotlin

Software Composition Analysis

Kodem Zero-waste Application Security on SecurityListing: AI-native AppSec platform for code-to-runtime security with automated triaging

Static Application Security Testing

SonarSource SonarQube Cloud on SecurityListing: Cloud-based SAST platform for code quality and security analysis

API Security

StackHawk on SecurityListing: A DAST solution that performs automated security testing of APIs and web applications within development workflows and CI/CD pipelines.

Static Application Security Testing

Software Improvement Group Sigrid® on SecurityListing: Software portfolio governance platform for code quality and security analysis

Security Information and Event Management

Sumo Logic Monitoring and Troubleshooting on SecurityListing: Log analytics platform for monitoring, troubleshooting, and issue detection

API Security

Sucuri Website Firewall on SecurityListing: Cloud-based WAF protecting websites from attacks, DDoS, and exploits

API Security

Syhunt SyhuntAPI on SecurityListing: API security testing tool for detecting vulnerabilities in web APIs

API Security

Prophaze Advanced AI-Based App & API Security on SecurityListing: AI-based app & API security platform with WAF, DDoS protection, and bot mitigation

API Security

Invicti DAST on SecurityListing: DAST scanner with proof-based vulnerability validation and CI/CD integration

API Security

TeejLab API Discovery Manager on SecurityListing: API discovery, security, governance & lifecycle mgmt platform for enterprises

Static Application Security Testing

The Code Registry AI-Powered Code Intelligence on SecurityListing: AI-powered code analysis platform for security, quality, and developer insights

Software Composition Analysis

The Code Registry Application & Supply Chain Security on SecurityListing: AI-driven app & supply chain security platform with SBOM generation & scanning

API Security

CloudDefense.AI QINA (App Security) on SecurityListing: DevSecOps platform for app security with SAST, DAST, SCA, and API testing

Secure Code Training

Secure Coding Guidelines for Java SE on SecurityListing: Guidelines for secure coding in Java SE to avoid bugs that could weaken security and open holes in Java's security features.

Security Scanning

SonarQube Server on SecurityListing: A self-managed static code analysis platform that conducts continuous inspection of codebases to identify security vulnerabilities, bugs, and code quality issues.

API Security

Invicti API Security on SecurityListing: API security testing platform with discovery, scanning, and remediation

Secure Code Training

urandom vs. CSPRNG for Crypto Keys on SecurityListing: Utilize the kernel's CSPRNG for generating crypto keys instead of userspace CSPRNGs to avoid randomness failures.

Static Application Security Testing

Amplify Security Fix Your Code on SecurityListing: Automated vulnerability remediation tool that fixes code security issues

Software Composition Analysis

Flyingduck Comprehensive SBOM Management on SecurityListing: SBOM management platform for tracking dependencies and vulnerabilities

API Security

VulnSign Dynamic Application Security Testing on SecurityListing: DAST tool for scanning web apps, microservices, and APIs for vulnerabilities

API Security

Wallarm API Security Testing on SecurityListing: Automated API security testing tool integrated into CI/CD pipelines

Threat Intelligence Platforms

Phoenix Security ASPM on SecurityListing: ASPM platform with CNAPP integration for vulnerability prioritization & context

Application Security Posture Management

WordPress WPMissionControl on SecurityListing: WordPress plugin for site monitoring, security scanning, and observability

Application Security Posture Management

WPMissionControl on SecurityListing: WordPress monitoring platform for uptime, security, and performance tracking

Software Composition Analysis

Raven Runtime SCA on SecurityListing: Runtime SCA tool that identifies exploitable vulnerabilities in cloud environments

Application Security Posture Management

Boman.ai Boman on SecurityListing: AI-powered application security platform with automated scanning and analytics

Container Security

Anchore Secure on SecurityListing: Container & source code scanning for vulnerabilities, malware, and secrets

Software Composition Analysis

MergeBase Software Composition Analysis on SecurityListing: SCA platform for managing open source vulnerabilities across SDLC

Container Security

OX Application Security on SecurityListing: ASPM platform with Code Projection tech for SDLC risk prioritization

Static Application Security Testing

Sonarsource SonarQube IDE on SecurityListing: IDE plugin for real-time code quality and security issue detection

API Security

Prophaze API Security on SecurityListing: AI-powered API security platform with threat detection and discovery

API Security

SCANOSS Licence Dataset on SecurityListing: Open source license compliance dataset for detecting code snippets & obligations

Risk Assessment

Onapsis SAP Cybersecurity Solution on SecurityListing: SAP-focused cybersecurity platform for vulnerability mgmt and threat detection

Risk Assessment

DryRun Security Codebase Intelligence on SecurityListing: AI-native SAST tool with natural language query interface for codebase security

Dynamic Application Security Testing

DerScanner Full Cycle Application Security Testing on SecurityListing: Full-cycle app security platform with SAST, DAST, MAST, SCA & binary analysis

Container Security

Wiz Supply Chain Security on SecurityListing: Cloud-native SCA and SBOM platform for supply chain security across code to runtime

Privileged Access Management

Securden Endpoint Privilege Manager on SecurityListing: Endpoint privilege mgmt solution for removing local admin rights on endpoints

API Security

Fastly API Security on SecurityListing: API security platform for discovery, monitoring, and protection at edge

Software Composition Analysis

Sabotage: Code added to popular NPM package wiped files in Russia and Belarus on SecurityListing: A developer added malicious code to a popular open-source package, wiping files on computers in Russia and Belarus as a protest.

Database Security

Penta Security Encryption on SecurityListing: Data encryption solutions for protecting data at rest and in transit

Exposure Management

Seemplicity Actionable Exposure Management on SecurityListing: Platform for prioritizing and remediating security exposures across tools

Vulnerability Assessment

The Code Registry Technical Due Diligence on SecurityListing: AI-powered code analysis platform for technical due diligence and audits

API Security

TrustCaptcha on SecurityListing: A privacy-focused CAPTCHA alternative that protects websites from bot attacks using proof-of-work challenges and AI-based detection while maintaining GDPR compliance.