Application Security for Software Supply Chain

depthfirst Platform

AI-powered AppSec platform for code, supply chain, secrets & DAST.

Labrador SCA

SCA tool detecting OSS vulnerabilities & license risks in code, binaries, containers.

Labrador SCM

SBOM exchange platform for managing software supply chain compliance.

Heeler Application Security Auto-Remediation

Fix-first AppSec powered by agentic remediation, covering SCA, SAST & secrets.

OpenSCA Project

OpenSCA Project is a dependency security scanner that runs in the browser.

Exodos Labs Exodos Labs Platform

Unified SBOM management platform for supply chain security, compliance, and license

RunSafe Identify

SBOM generation & vuln identification tool for C/C++ and embedded software

Threatrix Autonomous Platform

Autonomous open source supply chain security & license compliance platform.

SOOS SBOM Manager

SBOM creation, management & vulnerability scanning across the dep. tree.

SOOS Community Edition SCA

Free SCA tool for open source projects with vuln scanning & SBOM.

Socket

Detects and blocks malicious/vulnerable open source packages in supply chains.

SAG-PM (Software Assurance Guardian Point Man)

Automated SCRM tool for SBOM analysis, VDR, and software cyber risk scoring.

HERCULES SecSAM

OSS risk management system for SBOM generation, vuln & license analysis.

Meterian Componentpedia

Database for researching & tracking open source components with safety scores.

FYEO Third Party Library Scanner

Traces third-party library usage at function level to identify dependency risk.

DigiCert Software Trust Manager

Code signing & software supply chain security platform with policy governance.

Debricked Select

Tool for searching, comparing, and evaluating open source dependencies.

Cybeats SBOM Studio

Enterprise SBOM management platform for software supply chain security.

CodeLock

DevSecOps platform for NIST SP 800-218 SSDF compliance & secure dev.

aDolus SBOM Creation / FACT Platform

Automated NTIA-compliant SBOM generation for software supply chain risk mgmt.

aDolus FACT (Software & Firmware Validation)

Software/firmware validation platform generating trust scores via SBOM & malware analysis.

FOSSA

Software supply chain security platform for managing open source dependencies

Insignary Clarity

SCA tool for source code, binaries, and AI-generated code vulnerability detection

Kosai CVE-Free Open Source Software

Automated CVE patching for open source software components