DevSecOps Platforms

Chainguard provides hardened container images and a software supply chain security platform for building and shipping s...

Code security features integrated into GitHub providing code scanning, secret scanning, and dependency review for devel...

Open-source vulnerability scanner using YAML-based templates to find security issues across modern tech stacks.

Active ASPM platform providing end-to-end visibility and security across the software supply chain from code to cloud.

Anchore provides container security and software supply chain compliance tools that help organizations enforce security...

Integrated DevSecOps capabilities within GitLab providing SAST, DAST, dependency scanning, and container scanning in th...

DevOps automation platform letting engineers launch production-ready infrastructure without expertise.

Complete ASPM platform providing visibility and security across the entire software development lifecycle from code to...

Security remediation platform unifying cloud and application security findings, correlating root causes, and automating...

Conversational AI platform for DevOps automating incident response and workflows via Slack.

Continuous orchestration platform automating DevOps and DevSecOps workflows with no-code toolchain.

Salesforce DevOps platform with CI/CD, data management, and backup tools for admin and developers.

Declarative authorization service built on Open Policy Agent that enables consistent policy enforcement across Kubernet...

GitLab is a complete DevSecOps platform delivered as a single application for the entire software development lifecycle...

Tenable's cloud security platform with IaC scanning and cloud posture management.

Infrastructure as code security tool that scans Terraform, CloudFormation, Kubernetes, and ARM templates for misconfigu...

Gitee's enterprise DevOps platform for Chinese teams with Git hosting, CI/CD, and code review.

Supply-chain Levels for Software Artifacts framework for protecting against supply chain attacks.

Application security posture management platform providing reachability analysis to identify truly exploitable vulnerab...

Self-service DevOps platform for teams to create, share, and automate cloud infrastructure workflows.

Infrastructure as code security platform that shifts cloud security left by scanning IaC templates for misconfiguration...

GitHub's Dependabot security updates automatically creating PRs to address security vulnerabilities.

Application security orchestration platform aggregating scan results from multiple tools and automating vulnerability m...

Jit provides a DevSecOps orchestration platform that combines open-source security tools including SCA, SAST, and secre...

Tencent Cloud's DevOps platform formerly known as CODING covering source, CI/CD, and team management.

Open source framework providing end-to-end software supply chain integrity verification.

Comprehensive DevSecOps platform integrating SAST, DAST, dependency scanning, container scanning, and secret detection...

DevOps platform with drag-and-drop CI/CD pipelines and 100+ ready-to-use plugins.

GitLab CI/CD is built into the GitLab platform providing pipelines-as-code, auto DevOps, environments, and deployments...

Application detection and response platform with runtime protection and library-level monitoring.

European Certificate Authority offering code signing, SSL, and digital signature certificates.

All-in-one DevOps platform with issue tracking, Git repos, CI/CD, docs, and team collaboration.

Sigstore's software supply chain transparency log providing an immutable record of software artifacts.

Managed public sigstore instance for signing and verifying software artifacts.

Affordable managed DevOps and cloud migration platform for small businesses and startups.

Chainguard provides hardened, zero-CVE container images that dramatically reduce the vulnerability surface of container...

Huawei's cloud-based DevOps platform for software development, project management, and delivery.

Cloud-native application security testing platform that contextualizes vulnerabilities across code, containers, and clo...

Bug bounty platform connecting companies with cybersecurity researchers for coordinated vulnerability disclosure.

Security testing orchestration module that unifies scanner results, deduplicates findings, and provides governance guar...

Application security posture management platform unifying AppSec findings, correlating risks, and orchestrating remedia...

GitHub's security features including dependency alerts, secret scanning, and security advisories.

Code signing platform for developers with automated signing workflows and security.

Cybersecurity ecosystem with audits, bug bounty platforms, and Web3 security tools.

Cybersecurity platform with vulnerability management, application security testing, and attack surface.

Checkmarx provides a comprehensive application security platform including software composition analysis, SAST, DAST, a...

HashiCorp's embedded policy-as-code framework enforcing policies within HashiCorp products.

Cybersecurity research firm providing security engineering, audits, and vulnerability research.

DevOps platform for Salesforce and other clouds providing CI/CD, testing, and release management.

Developer security platform integrating security tools into CI/CD with automated remediation plans.

Automated code remediation bot fixing security bugs and vulnerabilities directly in your pull requests.

Alibaba's DevOps platform for full-lifecycle application development, delivery, and operations.

Application security posture management platform providing risk-based visibility and prioritization across the software...

Oracle NetSuite's development platform for building customizations with CI/CD and source control.

Cybersecurity firm specializing in elite blockchain and web3 security audits for crypto projects.