Cybersecurity Marketplace

Security teams can quickly pinpoint the spread of Security Issues from CVE, OWASP, Stackoverflow and other published resources. Krugle helps developers discover important code fixes, share problem solving insights and troubleshoot complex problems. Support engineers use Krugle Enterprise to share existing fixes, document issues, verify project details and track down key resources. Krugle delivers continuously updated, federated access to all of the code and technical information that defines your business. Krugle search helps your organization pinpoint critical code patterns and application issues - immediately and at massive scale.

Automatic web application & API security using machine learning. open-appsec is an open-source initiative that builds on machine learning to provide pre-emptive web app & API threat protection against OWASP-Top-10 and zero-day attacks. It can be deployed as add-on to Kubernetes Ingress, NGINX, Envoy and API Gateways. open-oppsec simplifies maintenance as there is no threat signature upkeep and exception handling, like common in many WAF solutions.

Traceable identifies all of your APIs, and evaluates your API risk posture, stops API attacks that lead to incidents such as data exfiltration, and provides analytics for threat hunting and forensic research. With our solution, you can confidently discover, manage and secure all of your APIs, quickly deploy, and easily scale to meet the ongoing needs of your organization. If you’re planning on improving the data security posture in your APIs, Traceable would love the opportunity to discuss how we could help and share some of our lessons learned from working with enterprise customers like Canon, Informatica, Outreach, and many others.

Jit's DevSecOps Orchestration Platform allows high-velocity Engineering teams to own product security while increasing dev velocity. With a unified and friendly developer experience, we envision a world where every cloud application is born with Minimal Viable Security (MVS) embedded and iteratively improves by adding Continuous Security into CI/CD/CS.

StackHawk tests your running applications, services, and APIs for security vulnerabilities that your team has introduced as well as exploitable open source security bugs. Automated test suites in CI/CD are the norm for today’s engineering teams. StackHawk is built to check and find vulnerabilities at the pull request and quickly push out fixes, all while yesterday’s security tools are waiting for someone to kick off a manual scan. A security tool that developers love to use, powered by the world’s most widely used open source security scanner.

The Fastest Code Analysis, Hands Down. 40X faster scan times so developers never have to wait for results after submitting pull requests. The Most Accurate Results. ShiftLeft’s NextGen Static Analysis has the highest OWASP Benchmark score, which is nearly triple the commercial average and more than double the 2nd highest score. Developer-Centric Security Workflows. Demonstrate and maintain compliance with security and privacy regulations such as SOC 2, PCI-DSS, GDPR, and CCPA.

Haltdos promises an intelligent WAF & DDoS mitigation service with multi-layered security to online businesses requiring zero management. It is a self-learning solution that continuously learns and adapts network/website traffic and provides real-time and historical insights with stunning visualization. It also provides attack alerts and notifications, attack signatures, customer misbehaviour, and audit trail.

Identify, publicly disclosed cybersecurity vulnerabilities. You can search the CVE List for a CVE Record if the CVE ID is known. To search by keyword, use a specific term or multiple keywords separated by a space. Your results will be the relevant CVE Records

Find and automatically fix vulnerabilities in your code, open source dependencies, containers, and infrastructure as code — all powered by Snyk’s industry-leading security intelligence. The Snyk platform is powered by our industry-leading security intelligence research, so you can find and fix vulnerabilities as soon as they’re discovered

If you are new to security testing, then ZAP has you very much in mind. Check out our ZAP in Ten video series to learn more!

SonarQube® is an automatic code review tool to detect bugs, security vulnerabilities, and code smells in your code. It can integrate with your existing workflow to enable continuous code inspection across your project branches and pull requests. Analyzing your code starts with installing and configuring a SonarQube scanner. The scanner can either run on your build or as part of your continuous integration (CI) pipeline performing a scan whenever your build process is triggered.