Compliance

Automated vulnerability assessment and remediation platform

Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.

A cloud-native SIEM platform that provides security analytics, intuitive workflow, and simplified incident response to help security teams defend against cyber threats.

Drata is a cloud-based platform that automates security and compliance processes, evidence collection, and audit preparation for various industry standards and regulations.

A tool for achieving and proving compliance with NIST 800-171 and CMMC cybersecurity requirements

Verity is a comprehensive compliance management tool that helps organizations manage their governance, risk, and compliance initiatives.

Anchore Enterprise is a platform that protects and secures software supply chains end-to-end.

A tool for discovering, analyzing, and remedying sensitive data

A next-generation file integrity monitoring and change detection system

A powerful tool that enables organizations to discover, manage, and secure privileged access, helping to reduce the risks associated with privileged accounts and activities.

VIDOC is an AI-powered security tool that automates code review, detects and fixes vulnerabilities, and monitors external security, ensuring the integrity of both human-written and AI-generated code in software development pipelines.

A GaaS platform that simplifies and streamlines compliance processes for MSPs, ensuring their policies are properly aligned, authorized, adopted, and assessed.

Retraced is an audit logging solution that provides compliant, searchable audit trails for applications with client libraries for Go and JavaScript.

InfoRisk Today is a key resource for news and insights on information risk management and cybersecurity education.

Allstar is a GitHub App that continuously monitors repositories and organizations for security policy violations, creating alerts when best practices are not followed.

Access Undenied on AWS analyzes CloudTrail AccessDenied events to explain access denial reasons and provide least-privilege remediation suggestions.

A log management solution that optimizes SIEM performance, provides rapid search and troubleshooting, and meets compliance requirements.

A repository of officially managed detection rules for the Falco runtime security monitoring system that identifies threats, abnormal behaviors, and compliance violations through syscall and container event analysis.

Prowler is an open source multi-cloud security assessment tool that performs audits, compliance checks, and security evaluations across AWS, Azure, GCP, and Kubernetes environments.

An automated security response system for Google Cloud that processes Security Command Center findings and executes predefined remediation actions like disk snapshots, IAM revocation, and notifications.

A configurable data destruction toolkit that securely erases sensitive virtual data, temporary files, and swap memory using customizable overwrite methods.

An open-source policy-as-code platform that analyzes multi-cloud and SaaS environments using SQL and YAML policies with GPT integration for security, cost, and architecture assessments.

Bastille-Linux is a system hardening program that proactively configures the system for increased security and educates users about security settings.

Betterscan is an orchestration toolchain that coordinates multiple security tools to scan source code and infrastructure as code for security vulnerabilities, compliance risks, secrets, and misconfigurations.