Coverity static analysis by Synopsys helps development and security teams find and fix defects and security flaws in code as it’s being written. Coverity is highly accurate, supports thousands of developers, and quickly analyzes large projects exceeding 100 million lines of code, helping your teams build secure, high-quality software faster.
Netsparker develops an industry leading automated web application security solution. Available as Windows software, online and on-premises service, the Netsparker scanner can automatically detect SQL Injection, Cross-site Scripting and other vulnerabilities in any type of modern HTML5, Single Page Application (SPA), Web 2.0 web application and web services, regardless of the technology they are built with. The Netsparker scanner does not just report the vulnerabilities, it also generates a proof of exploit confirming they are real and not false positives. Therefore you do not have to waste time manually verifying the scanner’s findings and can easily scale up web application security and scan thousands of websites within a matter of hours. Netsparker is trusted and used by world renowned companies such as Samsung, Ernst & Young, Skype, NASA, ISACA and ING Bank.
Imperva Incapsula delivers an enterprise-grade Web Application Firewall to safeguard your site from the latest threats, an intelligent and instantly effective 360-degree anti-DDoS solutions (layers 3-4 and 7), a global CDN to speed up your website's load speed and minimize bandwidth usage and an array of performance monitoring and analytic services to provide insights about your website's security and performance.
IBM Security AppScan Standard protects against web application attacks and expensive data breaches by automating application security vulnerability testing. Avoid security vulnerabilities Use automated dynamic security testing and advanced static analysis – “black box” and “white box” – to detect developing security issues. Empower accurate scanning Scan websites to identify embedded vulnerabilities. Simplify interpretation of scan results with scan-specific explanations of each issue. Get quick remediation Fix high-priority problems first with streamlined remediation. Make fixes quickly with the provided remediation steps – including code examples and a task list.
NGINX, Inc. is the company behind NGINX, the popular open source project trusted by more than 400 million sites. We offer a suite of technologies for developing and delivering modern applications. The NGINX Application Platform enables enterprises undergoing digital transformation to modernize legacy, monolithic applications as well as deliver new, microservices‑based applications. Companies like Netflix, Starbucks, and McDonalds rely on NGINX to reduce costs, improve resiliency, and speed innovation. NGINX investors include Blue Cloud Ventures, e.ventures, Goldman Sachs, Index Ventures, MSD Capital, NEA, Runa Capital, and Telstra Ventures. NGINX, Inc. is headquartered in San Francisco, CA, with an EMEA head office in Cork, Ireland and APAC head office in Singapore. Learn more at https://www.nginx.com/
Checkmarx is the Software Exposure Platform for the enterprise. Over 1,400 organizations around the globe rely on Checkmarx to measure and manage software risk at the speed of DevOps. Checkmarx serves five of the world’s top 10 software vendors, four of the top American banks, and many government organizations and Fortune 500 enterprises, including SAP, Samsung, and Salesforce.com. Learn more at Checkmarx.com or follow us on Twitter: @checkmarx.
Cloudbric is a cloud-based web security provider, offering an award-winning Web Application Firewall (WAF), DDoS protection, and SSL. Cloudbric offers security primarily to startup and SMB websites that lack cybersecurity experience or can't afford expensive IT security solutions. Cloudbric’s services are free for all websites with less than 4GB of bandwidth per month. We charge based on amount of web traffic, making Cloudbric perfect for SMEs and new startups. Our services are military-grade protection for the little guy.
WhiteSource helps business to develop better software by harnessing the power of open source. WhiteSource becomes part of your software development lifecycle (SDLC) and automates the entire process of open source components selection, approval, and management, including finding and fixing vulnerable components. We provide software development and security teams full control and visibility over their open source usage and helps them drive open source adoption
Eliminate application vulnerabilities and stop data breaches. You depend on applications everyday. They are how your customers and partners connect with you, and they are how your employees get their jobs done. Unfortunately, your applications remain one of the most commonly exploited threat vectors. Barracuda WAF protects your web, mobile and API applications from being compromised, and prevents data breaches— ensuring you maintain your reputation and your customer's confidence.
IBM Application Security on Cloud helps secure your organization's Web and mobile applications, by detecting dozens of today's most pervasive published security vulnerabilities. IBM Application Security on Cloud helps to eliminate vulnerabilities from applications before they are placed into production and deployed. Convenient, detailed reporting permits you to effectively address application security risk, enabling application users to benefit from a more secure experience. IBM Open Source Analyzer helps to secure and manage your open source components, by automating security testing and configuring scanning for open source.
Appknox is one of the enterprise level security assessment product that helps businesses and enterprises to detect, manage and fix security issues. Its been used by some of the top enterprises to secure more than 500 mobile apps on regular basis. Appknox is listed in one of the Gartner's top mobile app security testing vendors list. Working with more than 100 organizations globally Appknox has been focusing on niche area of mobile app security.
Organizations worldwide use Black Duck’s industry-leading products to secure and manage open source software, eliminating the pain related to security vulnerabilities, compliance and operational risk. Black Duck is headquartered in Burlington, MA, and has offices in San Jose, CA, Vancouver, London, Frankfurt, Hong Kong, Tokyo, Seoul and Beijing. For more information, visit www.blackducksoftware.com. com.
bugScout is a next-gen SAST platform for detecting vulnerabilities in application and website source codes, designed by ethical hackers and cybersecurity analysts coming out of Deloitte’s European cyberthreat SOC competency center. Today, source code security audits are snapshots that define the status at a point in time and deliver reports that are already out of date by the time they are finished because the development process is continuous. With its fast performance and scalability, bugScout enables continuous source code analysis. Security audits can keep pace with the speed of the development process, and role-based reports facilitate communications between security analysts and developers to help identify vulnerabilities, pinpoint the causes and remediate the problems.
HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be exploited. The U.S. Department of Defense, General Motors, Google, Twitter, GitHub, Qualcomm, Starbucks, Dropbox, Intel,and over 1,200 other organizations have partnered with HackerOne to resolve over 90,000 vulnerabilities and award over $42M in bug bounties.
Provides automated security testing and security scan of web applications to identify vulnerabilities, scans your network and devices and suggest to you recommendations on how they can be fixed, and provides a source code analysis to identify and resolve security weaknesses and vulnerabilities
Cobalt's Pen Testing as a Service (PTaaS) Platform transforms yesterday’s broken pen test model into a data-driven vulnerability management engine. Fueled by our global talent pool of certified freelancers, Cobalt's crowdsourced SaaS pen test platform delivers actionable results that empower agile teams to pinpoint, track, and remediate software vulnerabilities. Hundreds of organizations now benefit from high quality pen test findings, faster remediation times, and higher ROI for their pen test budget.
Detectify is a web security scanner that performs fully automated tests to identify security issues on your website. It checks for SQL injections, XSS and 700+ other vulnerabilities. This is included: - A scanner that checks your site for 700+ vulnerabilities - The latest security tests submitted by ethical hackers - Unlimited number of scans - An extensive knowledge base with over 100 remediation tips - Team functionality so that you can easily share reports - Integrations with popular tools like Slack, Jira and PagerDuty
WebInspect offers automated dynamic application security testing (DAST) and interactive application security testing (IAST) technologies that mimics real-world hacking techniques and attacks, provides comprehensive dynamic analysis of complex web applications and services, and crawls more of the attack surface to exposes exploits.
Sqreen is an application security platform that provides extensive visibility and reaction capabilities to the threats targeting both legacy and modern cloud applications. Trusted by security teams, loved by developers, Sqreen improves the security standards of the world's leading organizations. Founded by former security experts at Apple, Sqreen protects hundreds of companies from startups to Fortune 500 companies. Sqreen uses a combination of technologies including a Runtime Application Self-Protection (RASP) agent to offer deep real-time visibility and protection against security activities and attacks. It offers out-of-the-box security rules against common attacks (OWASP top 10 and more), 0-days and advanced business logic threats. Protections can be easily extendable with custom rules. Get started with Sqreen in just a couple of minutes. No configuration or maintenance required. Benefits of using Sqreen: - Real-time protection without false positives - Deep visibility into security activities: origin, payloads, location, stack traces, time, actors etc. - Protection against common attacks and advanced 0-day attacks - Advanced customization capabilities to cover specific business logic threats - Scalable and integrated into DevOps environments
AppScanOnline is the leading provider of mobile app security software for today's developers. AppScanOnline's automated static vulnerability testing service quickly provides security teams with a detailed report compliant with both OWASP Top 10 and Industrial Development App standards, allowing developers to bring their application to market sooner.