Security Automation
Explore 68 curated tools and resources
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Commercial
Resources
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Free
Resources
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Commercial
Application Security
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
Commercial
Application Security
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
Commercial
Cloud Security
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Commercial
Application Security
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
LATEST ADDITIONS
An AI-powered code security tool that analyzes code for vulnerabilities and provides automated fix suggestions to accelerate remediation.
A comprehensive cloud security platform that combines vulnerability management, compliance monitoring, and automated remediation capabilities through an agentless architecture to protect cloud infrastructure and applications.
Apiiro ASPM Platform is an application security solution that provides code-to-runtime visibility, risk assessment, and remediation capabilities to help organizations manage and reduce security risks across their application portfolio.
A centralized vulnerability lifecycle management platform that tracks security issues from discovery to closure with real-time status updates.
An enterprise vulnerability and exposure risk management platform that consolidates, prioritizes, and orchestrates remediation of security vulnerabilities across infrastructure, applications, and cloud environments.
A web application security testing platform that combines manual and automated testing tools for conducting comprehensive security assessments and penetration testing.
Qwiet AI is an application security platform that combines SAST, SCA, container security, secrets detection, and SBOM scanning with AI-powered vulnerability prioritization and automated fix generation.
Pathlock is an identity security platform that provides compliance-focused governance, access management, and continuous controls monitoring across enterprise applications with particular emphasis on ERP systems.
An Application Security Posture Management platform that helps organizations integrate security throughout the software development lifecycle with a focus on vulnerability management and secure coding practices.
Egress Prevent is an email data loss prevention solution that helps organizations detect and prevent outbound email breaches caused by human error or malicious intent.
A Dynamic Application Security Testing (DAST) platform that provides automated security testing for web applications, APIs, and LLM-powered applications throughout the software development lifecycle.
A cloud and database asset intelligence platform that provides continuous monitoring, compliance management, and security posture assessment across hybrid cloud environments.
A data-driven OT risk management platform that uses digital twin technology and breach simulations to assess cybersecurity risks, optimize mitigation strategies, and ensure compliance with industry standards.
A vulnerability and exposure management platform that unifies security tool data, automates workflows, and provides risk-based prioritization for enterprise vulnerability management programs.
A security operations platform that provides automated threat detection, access control, and protection against various online attacks through Cloudflare integration.
An application security testing platform that combines automated scanning, AI assistance, and manual expert testing to provide continuous security assessment throughout the software development lifecycle.
An API security and monitoring platform that automatically discovers, validates, and protects API endpoints while providing comprehensive management and analytics capabilities.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
An AI-powered application security platform that provides automated discovery, testing, and continuous monitoring of applications and APIs with minimal operational impact.
An application security platform that provides runtime threat modeling, vulnerability management, and automated remediation workflows with a focus on identifying exploitable vulnerabilities in production environments.
An AI-powered SOC automation platform that performs autonomous alert triage, investigation, and incident response while augmenting human analyst capabilities.
A mapping tool that correlates MITRE ATT&CK techniques with atomic tests and detection rules to analyze security detection coverage.
A cybersecurity and privacy playbook management platform that enables teams to create, store, share, and implement standardized security procedures through a no-code interface.
A Non-Human Identity Management platform that provides discovery, security, and lifecycle management for machine identities across hybrid cloud environments.
A security platform that automates the deployment and management of security canaries across cloud infrastructure to detect potential intrusions and unauthorized access.
A platform that discovers, manages and secures non-human identities like service accounts, API keys and secrets across enterprise environments.
A cloud-based platform that discovers, monitors, and manages non-human identities and their associated credentials across cloud infrastructure.
An open-source credential management platform that provides end-to-end encrypted password sharing and storage capabilities for organizations.
A security analysis platform that combines SAST, SCA, SBOM generation and AI-assisted remediation to detect and fix vulnerabilities during the software development lifecycle.
Security design review automation tool that scans design documents and provides security requirements to development teams during the planning phase.
An AI-driven security automation platform that uses specialized agents to assist security teams in SOC operations, GRC, and threat hunting tasks.
An AI-powered security operations platform that automates alert investigation, triage, and response workflows for SOC analysts.
An automated code security tool that analyzes repositories, identifies vulnerabilities, and generates pull requests with fixes while integrating with existing development workflows.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
An automated code remediation tool that integrates with source control platforms to automatically fix security vulnerabilities in code through AI-driven analysis and one-click implementations.
An application security platform that aggregates, prioritizes and contextualizes vulnerabilities from multiple security scanners and sources to help manage application and cloud security risks.
A vulnerability remediation platform that consolidates security findings, prioritizes risks using AI, and automates remediation workflows across cloud and application environments.
An agentless API security platform that discovers, tests, and secures APIs through source code analysis without requiring traffic monitoring.
Octoscan is a static analysis tool that scans GitHub Actions workflows for security vulnerabilities and misconfigurations.
Zania is an AI-driven platform that automates security and compliance tasks using autonomous agents for security inquiries, compliance assessments, and privacy regulation adherence.
AWS IAM Access Analyzer is a tool for implementing and maintaining least privilege access in AWS environments through automated analysis and validation of IAM policies and permissions.
OpenVAS is an open-source vulnerability scanner that provides extensive testing capabilities for identifying security weaknesses in networks and systems.
Anvilogic is a SIEM platform that streamlines detection engineering, offers cost-effective data management, and enhances threat detection capabilities.
StepSecurity is a platform that enhances GitHub Actions security by providing network egress control, risk discovery, action replacement, and security best practices orchestration.
LogRhythm SIEM is a comprehensive security information and event management platform that collects, analyzes, and responds to security events across an organization's IT infrastructure.
Anomali is an AI-Powered Security Operations Platform that delivers speed, scale, and performance at a reduced cost, combining ETL, SIEM, XDR, SOAR, and TIP to detect, investigate, respond, and remediate threats.
API Security is a comprehensive solution that provides continuous discovery, vulnerability assessment, threat detection, compliance monitoring, dynamic testing, and remediation capabilities to protect APIs against various threats and vulnerabilities.
DIANNA is an AI-powered cybersecurity companion from Deep Instinct that analyzes and explains unknown threats, offering malware analysis and translating code intent into natural language.
A defense-in-depth security automation and monitoring framework utilizing threat intelligence, machine learning, and serverless technologies.
Identify AWS IAM permissions by brute-forcing API calls.
A toolkit that transforms PHP applications into web-based high-interaction Honeypots for monitoring and analyzing attacks.
PacBot is a platform for continuous compliance monitoring, compliance reporting, and security automation for the cloud, with a plugin-based data ingestion architecture.
Repokid uses Access Advisor to remove unused service permissions from IAM roles in AWS.
Cortex XSOAR is a comprehensive SOAR platform that automates and standardizes security processes for faster response times and increased team productivity.
Scumblr is a web application for periodic syncs of data sources and security analysis to streamline proactive security.
Collection of scripts and resources for DevSecOps, Security Automation and Automated Incident Response Remediation.
Fast Intercept is a security automation platform that empowers users to maximize their existing security products and automate routine tasks.
Open-source security automation platform for automating security alerts and building AI-assisted workflows.
A system for reserving classrooms at the University of Pisa.
Open-source universal secret manager for developers with seamless integration to various cloud services and vaults.
A simple honeypot that opens a listening socket and waits for connection attempts, with configurable reply and event handling
PolySwarm is a malware intelligence marketplace that aggregates threat detection engines to provide early detection, unique samples, and higher accuracy.
A script and library for identifying risks in AWS IAM configuration
Sample security playbooks for security automation, orchestration and response (SOAR) using Microsoft Sentinel trigger
Shuffle Automation provides an open-source platform for security orchestration, automation, and response.
A collection of detections for Panther SIEM with detailed setup instructions.
A quick and dirty dynamic redirect.rules generator for penetration testers and security professionals.
A modular web application honeypot framework with automation and logging capabilities.