Sca

Browse 101 sca tools

FEATURED

Push Security Logo
Push Security
Zero Trust
CybersecRadars Logo
CybersecRadars
Threat Management
Hudson Rock Logo
Hudson Rock
Threat Management

Get Featured

Submit your tool →
Heeler Application Security Lifecycle Management Logo
Heeler Application Security Lifecycle Management

ASPM platform for tracking app security risks from development to deployment

Application Security Posture Management
ArmourZero Automated Vulnerability Management Logo
ArmourZero Automated Vulnerability Management

AI-powered automated vuln scanning for apps, APIs, domains, and cloud

Security Scanning
CloudDefense.AI QINA Logo
CloudDefense.AI QINA

AI-powered CNAPP combining SAST, DAST, API, SCA, CSPM, CWPP, and CIEM capabilities

Cloud-Native Application Protection Platform
RunSafe Identify Logo
RunSafe Identify

SBOM generation & vuln identification tool for C/C++ and embedded software

Software Composition Analysis
Threatrix Autonomous Platform Logo
Threatrix Autonomous Platform

Autonomous open source supply chain security & license compliance platform.

Software Composition Analysis
Start Left® SHERPA Logo
Start Left® SHERPA

ML-driven vuln prioritization using EPSS, CISA KEV & OpenSSF data.

Exposure Management
Start Left® SBDE Logo
Start Left® SBDE

DevSecOps adoption platform using gamified training & governance.

Secure Code Training
Start Left® ASPM Platform Logo
Start Left® ASPM Platform

SaaS ASPM platform unifying AppSec, SCA, SBOM, and CI/CD risk management.

Application Security Posture Management
Start Left™ SaaS Security Mgmt Platform Logo
Start Left™ SaaS Security Mgmt Platform

Consolidated SaaS platform replacing legacy AppSec tools with CI/CD-integrated security.

Application Security Posture Management
Start Left® Security - Product-Centric VM Logo
Start Left® Security - Product-Centric VM

Risk-based, product-centric VM platform with PIRATE® risk model.

Exposure Management
SOOS SAST Logo
SOOS SAST

SAST platform that runs scans and ingests SARIF results into a unified dashboard.

Static Application Security Testing
SOOS DAST Logo
SOOS DAST

CI/CD-integrated DAST tool for automated web app and API vuln scanning.

Dynamic Application Security Testing
SOOS SBOM Manager Logo
SOOS SBOM Manager

SBOM creation, management & vulnerability scanning across the dep. tree.

Software Composition Analysis
SOOS SCA Logo
SOOS SCA

SCA tool for detecting OSS vulnerabilities and license risks in dependency trees.

Software Composition Analysis
Free
SOOS Container Security Logo
SOOS Container Security

Container vulnerability & license scanner with deep dependency tree analysis.

Container Security
SOOS Community Edition SCA Logo
SOOS Community Edition SCA

Free SCA tool for open source projects with vuln scanning & SBOM.

Software Composition Analysis
Free
Socket Logo
Socket

Detects and blocks malicious/vulnerable open source packages in supply chains.

Software Composition Analysis
SAG-PM (Software Assurance Guardian Point Man) Logo
SAG-PM (Software Assurance Guardian Point Man)

Automated SCRM tool for SBOM analysis, VDR, and software cyber risk scoring.

Software Composition Analysis
PlaxidityX DevSecOps Platform Logo
PlaxidityX DevSecOps Platform

Automotive DevSecOps platform integrating TARA, SAST, SCA, and fuzz testing.

Static Application Security Testing
PlaxidityX SW Supply Chain Security Logo
PlaxidityX SW Supply Chain Security

Automotive binary SBOM scanner for supply chain vuln detection & compliance.

Software Composition Analysis
HERCULES SecSAM Logo
HERCULES SecSAM

OSS risk management system for SBOM generation, vuln & license analysis.

Software Composition Analysis
Oligo CADR Logo
Oligo CADR

Runtime platform detecting cloud app & supply chain exploitation in real time.

Cloud Application Detection and Response
Oligo Runtime Vulnerability Mgmt Logo
Oligo Runtime Vulnerability Mgmt

Runtime tool that identifies truly exploitable open-source vulns in production.

Vulnerability Assessment
Nullify Logo
Nullify

AI platform that finds, triages, and auto-remediates vulnerabilities end-to-end.

Vulnerability Assessment