Code Security Scanning

Anthropic is an AI safety company that builds Claude, a family of large language models designed for helpfulness, harml...

Aikido Security brings together code, cloud, dependency, and runtime security workflows in a more approachable platform...

Semantic code analysis engine from GitHub that treats code as data to find security vulnerabilities using database-like...

Anchore provides container security and software supply chain compliance tools that help organizations enforce security...

Open source IaC security scanner from Checkmarx finding security vulnerabilities and compliance issues in Terraform, An...

Open source vulnerability scanner for container images and file systems from Anchore matching against multiple vulnerab...

Amazon CodeWhisperer (now Amazon Q Developer) provides AI code generation and security scanning trained on Amazon and o...

Chef by Progress is an infrastructure automation platform using Ruby-based recipes for configuration management, compli...

Open source static analysis security vulnerability scanner specifically for Ruby on Rails applications.

Black Duck provides software composition analysis that helps organizations manage security, quality, and license compli...

Open source static code analysis tool for IaC detecting security vulnerabilities and compliance violations in Terraform...

Open source CLI tool from Anchore generating a software bill of materials (SBOM) from container images and file systems.

Kubernetes-native policy engine for validating, mutating, and generating Kubernetes configurations with YAML policies.

Cequence Security provides API security and bot management that protects business-critical applications from automated...

Open source cloud security configuration monitoring tool from Aqua scanning for risks in AWS, Azure, GCP, and Oracle Cl...

AccuKnox provides zero-trust runtime security for containers and Kubernetes using eBPF-powered monitoring and dynamic p...

Bito provides an AI coding assistant with code review, explanation, security scanning, and performance analysis built i...

Open source security tool for AWS, Azure, GCP, and Kubernetes performing security assessments and compliance checks.

Bishop Fox provides continuous attack surface management and offensive security testing through its Cosmos platform and...

CircleCI is a continuous integration and delivery platform that automates build, test, and deployment pipelines. It sup...

Application security platform providing SAST, DAST, SCA, and manual penetration testing in a single cloud-based solutio...

Open source tool from Turbot for querying cloud infrastructure with SQL using dynamic tables for over 140 cloud service...

Open source multi-cloud security auditing tool from NCC Group assessing the security posture of cloud environments.

Open source general-purpose policy engine from Styra for enforcing policies across the cloud-native stack.

Aqua Security provides cloud-native security for containers, Kubernetes, serverless, and cloud VMs with runtime protect...

Tool for container image signing and verification from the Sigstore project ensuring software supply chain integrity.

Cloud-based code analysis service detecting bugs, vulnerabilities, and code smells in projects hosted on GitHub and oth...

Aqua Security provides a cloud-native security platform specializing in container and Kubernetes security across the fu...

Open source security scanner from Aqua for Terraform code finding potential misconfigurations before infrastructure is...

Open source static analysis tool for IaC from Bridgecrew scanning Terraform, CloudFormation, and Kubernetes for misconf...

Bearer is an open-source static analysis tool that scans code for security risks and data privacy violations in applica...

Chainguard provides hardened, zero-CVE container images that dramatically reduce the vulnerability surface of container...

Arcjet provides security as code for developers with bot detection, rate limiting, email validation, and attack protect...

Open source tool for static analysis of vulnerabilities in application containers from Red Hat Quay.

Checkmarx provides a comprehensive application security platform including software composition analysis, SAST, DAST, a...

Open source SAST tool for detecting and preventing hardcoded secrets in Git repositories with fast scanning.

Open source tool designed to find common security issues in Python code through AST analysis of source files.

Open source Kubernetes security platform from ARMO scanning clusters for misconfigurations, vulnerabilities, and compli...

OpenText application security tool providing static and dynamic analysis, SCA, and runtime protection for enterprise so...

Open source data integration platform for security and compliance that syncs cloud infrastructure data to any database.

Cloudsmith provides a cloud-native, fully managed artifact management platform supporting Docker, npm, Python, Maven, a...

Cloudsmith is a cloud-native artifact management platform with security scanning and global distribution.