Application Security
181 tools and resources
FEATURED
Feature Your Cybersecurity Product
Showcase your innovative cybersecurity solution to our dedicated audience of security professionals.
Boost Your VisibilityNEW
Octoscan is a static analysis tool that scans GitHub Actions workflows for security vulnerabilities and misconfigurations.
Aqua Security is a CNAPP that provides comprehensive security for cloud native applications across their entire lifecycle, from development to production, in various cloud and container environments.
EvoMaster is an open-source tool that automatically generates system-level test cases for web APIs using AI-driven techniques.
ffufai is an AI-enhanced wrapper for ffuf that automatically suggests file extensions for web fuzzing based on the target URL and headers.
StepSecurity is a platform that enhances GitHub Actions security by providing network egress control, risk discovery, action replacement, and security best practices orchestration.
Akamai Client-Side Protection & Compliance is a security tool that monitors and protects against client-side threats on websites, aiding in PCI DSS v4.0 compliance.
API Security is a comprehensive solution that provides continuous discovery, vulnerability assessment, threat detection, compliance monitoring, dynamic testing, and remediation capabilities to protect APIs against various threats and vulnerabilities.
Akamai App & API Protector is an integrated security solution that safeguards web applications and APIs against various cyber threats using edge computing and adaptive technologies.
Tenable One Exposure Management Platform is a comprehensive platform for vulnerability management and exposure management.
Snyk Code is a real-time SAST tool that provides secure code analysis and actionable remediation advice to prevent code delays and ensure secure development.
The Contrast Runtime Security Platform is a suite of application security tools that integrates security into the software development lifecycle and production environments, including IAST, SAST, RASP, and SCA capabilities.
Checkmarx One SAST is a static application security testing tool that combines speed and security to improve developer experience.
Veracode is an intelligent software security platform that helps developers and security teams secure code, find and fix flaws, and automate remediation.
Goof is a vulnerable Node.js demo application that includes a series of vulnerabilities and exploits
Scan files for viruses and malware with language-agnostic REST API
A developer-first, API-driven platform that provides development teams with a suite of tools to improve code quality, security, and engineering performance, seamlessly integrated into their existing development workflows.
WPRecon is a tool for recognizing vulnerabilities and blackbox information for WordPress.
InQL is a Burp Suite extension for advanced GraphQL testing and vulnerability detection
A Burp extension for scanning JavaScript files for endpoint links
A simple Swagger-ui scanner that detects old versions vulnerable to various XSS attacks
A python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.