Application Security
Explore 33 curated tools and resources
LATEST ADDITIONS
API security platform that combines discovery, testing, and monitoring capabilities to identify and protect against API vulnerabilities throughout the development lifecycle.
Application security platform that combines SAST and SCA with runtime intelligence to validate vulnerability exploitability and provide contextual remediation guidance.
Runtime application security platform that provides vulnerability management, patching, and threat detection at the application level during program execution.
Application monitoring and security platform that provides runtime visibility, threat detection, and automated response capabilities for application-layer security
A DAST solution that performs automated security testing of APIs and web applications within development workflows and CI/CD pipelines.
An agentless API security platform that discovers, tests, and secures APIs through source code analysis without requiring traffic monitoring.
An ASPM platform that provides software supply chain security through risk assessment, prioritization, and protection mechanisms.
Arnica is an application security platform that offers real-time scanning, risk mitigation, and management across various aspects of the software development lifecycle.
Backslash Security is an application security platform that uses reachability analysis to enhance SAST and SCA, prioritize vulnerabilities, and provide remediation guidance.
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
EvoMaster is an open-source tool that automatically generates system-level test cases for web APIs using AI-driven techniques.
RogueApps is a collaborative repository documenting TTPs of malicious OIDC/OAuth 2.0 applications for cybersecurity research and awareness.
ffufai is an AI-enhanced wrapper for ffuf that automatically suggests file extensions for web fuzzing based on the target URL and headers.
API Security is a comprehensive solution that provides continuous discovery, vulnerability assessment, threat detection, compliance monitoring, dynamic testing, and remediation capabilities to protect APIs against various threats and vulnerabilities.
Akamai App & API Protector is an integrated security solution that safeguards web applications and APIs against various cyber threats using edge computing and adaptive technologies.
Snyk Code is a real-time SAST tool that provides secure code analysis and actionable remediation advice to prevent code delays and ensure secure development.
The Contrast Runtime Security Platform is a suite of application security tools that integrates security into the software development lifecycle and production environments, including IAST, SAST, RASP, and SCA capabilities.
Checkmarx One SAST is a static application security testing tool that combines speed and security to improve developer experience.
Database protection suite with field-level encryption and intrusion detection
Dynamic application security testing tool for identifying and fixing web application vulnerabilities.
Deep Instinct is a predictive prevention platform that uses deep learning to prevent unknown threats, including ransomware and zero-day malware, from infiltrating storage environments, applications, and endpoints.
A book that helps improve Docker security by covering risks and countermeasures
Cybersecurity project for security monitoring of Node.js applications.
A set of 48 practical programming exercises in cryptography and application security
A comprehensive online resource for application security knowledge
OpenRASP directly integrates its protection engine into the application server by instrumentation, providing context-aware protection and detailed stack trace logging.
Themis provides strong, usable cryptography for busy people.
Comprehensive security training platform for web developers, offering hands-on experience with real, vulnerable applications and concrete advice for securing code.
OpenIAM offers a unified identity governance platform featuring CIAM, MFA, and PAM integration.
Curiefense is an application security platform that protects against various threats and offers community involvement.
A non-profit organization focused on improving the security of software through resources and training.
OWASP offers essential resources and community support to enhance application security.
AWS Shield provides managed DDoS protection for your applications, automatically detecting and mitigating sophisticated network-level DDoS events.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Commercial
Resources
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Free
Security Operations
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Free
Blogs and News
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
RoboShadow
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Commercial
Vulnerability Management
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.
Commercial
AI Security