Security Automation
Explore 88 curated tools and resources
Search tools and resources by name, description, or purpose... (⌘+K)
PINNED
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
LATEST ADDITIONS
A lightweight web application firewall that protects modern applications and APIs across distributed architectures with integrated DoS protection, bot defense, and DevOps-friendly deployment options.
A lightweight web application firewall that protects modern applications and APIs across distributed architectures with integrated DoS protection, bot defense, and DevOps-friendly deployment options.
An integrated software supply chain platform that combines repository management, security scanning, and DevSecOps capabilities for managing and securing the entire software development lifecycle.
An integrated software supply chain platform that combines repository management, security scanning, and DevSecOps capabilities for managing and securing the entire software development lifecycle.
An API security and governance platform that provides discovery, security testing, compliance monitoring and lifecycle management capabilities for enterprise API implementations.
An API security and governance platform that provides discovery, security testing, compliance monitoring and lifecycle management capabilities for enterprise API implementations.
An integrated application security platform that combines multiple security scanning tools with developer-focused workflows for automated code and infrastructure security testing.
An integrated application security platform that combines multiple security scanning tools with developer-focused workflows for automated code and infrastructure security testing.
A cloud-based identity and access management solution that provides access governance, compliance monitoring, and risk management for hybrid environments.
A cloud-based identity and access management solution that provides access governance, compliance monitoring, and risk management for hybrid environments.
A human risk management platform that identifies, assesses, and mitigates security risks associated with employee behavior through monitoring, targeted interventions, and comprehensive reporting.
A human risk management platform that identifies, assesses, and mitigates security risks associated with employee behavior through monitoring, targeted interventions, and comprehensive reporting.
Outpost24 Managed Security Services offers proactive security monitoring and management across networks, endpoints, applications, and clouds through a comprehensive CTEM platform with expert-led validation and unified risk visibility.
Outpost24 Managed Security Services offers proactive security monitoring and management across networks, endpoints, applications, and clouds through a comprehensive CTEM platform with expert-led validation and unified risk visibility.
An enterprise resilience platform providing self-healing security solutions for endpoints, applications, and network access with firmware-embedded technology to ensure systems remain visible, connected, and protected.
An enterprise resilience platform providing self-healing security solutions for endpoints, applications, and network access with firmware-embedded technology to ensure systems remain visible, connected, and protected.
An automated DDoS vulnerability testing platform that continuously evaluates DDoS protection systems without causing operational downtime.
An automated DDoS vulnerability testing platform that continuously evaluates DDoS protection systems without causing operational downtime.
An AI-powered data security governance platform that autonomously discovers, classifies, monitors, and protects sensitive information across cloud and on-premises environments.
An AI-powered data security governance platform that autonomously discovers, classifies, monitors, and protects sensitive information across cloud and on-premises environments.
Threatspy is an application security testing platform that enables developers and security teams to discover, analyze, prioritize, and remediate vulnerabilities in web applications and APIs through an automated end-to-end process.
Threatspy is an application security testing platform that enables developers and security teams to discover, analyze, prioritize, and remediate vulnerabilities in web applications and APIs through an automated end-to-end process.
Cytrusst is an integrated cybersecurity platform that combines GRC, attack surface management, cloud security posture management, and third-party risk management with support for multiple compliance frameworks.
Cytrusst is an integrated cybersecurity platform that combines GRC, attack surface management, cloud security posture management, and third-party risk management with support for multiple compliance frameworks.
A threat intelligence platform that provides comprehensive visibility into an organization's attack surface by collecting, analyzing, and structuring threat data to enable proactive security measures against emerging threats.
A threat intelligence platform that provides comprehensive visibility into an organization's attack surface by collecting, analyzing, and structuring threat data to enable proactive security measures against emerging threats.
A data security and governance platform that provides automated discovery, classification, and protection of sensitive data across cloud, on-premises, and hybrid environments.
A data security and governance platform that provides automated discovery, classification, and protection of sensitive data across cloud, on-premises, and hybrid environments.
A security solution that protects email and collaboration tools in Microsoft 365 environments against advanced threats including phishing, business email compromise, ransomware, and malware.
A security solution that protects email and collaboration tools in Microsoft 365 environments against advanced threats including phishing, business email compromise, ransomware, and malware.
A vulnerability management platform that centralizes security assessment workflows, integrates multiple security tools, and provides collaboration features for security teams.
A vulnerability management platform that centralizes security assessment workflows, integrates multiple security tools, and provides collaboration features for security teams.
A centralized application security posture management platform that integrates security tools, automates workflows, and provides visibility into application security risks.
A centralized application security posture management platform that integrates security tools, automates workflows, and provides visibility into application security risks.
An AI-powered Cloud Native Application Protection Platform (CNAPP) that provides unified cloud security with attack surface management for small and medium businesses.
An AI-powered Cloud Native Application Protection Platform (CNAPP) that provides unified cloud security with attack surface management for small and medium businesses.
An API security platform that provides automated security testing, runtime protection, and lifecycle management for APIs through integrated tools and controls.
An API security platform that provides automated security testing, runtime protection, and lifecycle management for APIs through integrated tools and controls.
An API security solution that provides continuous discovery, classification, and protection of APIs across environments while integrating with existing security infrastructure to prevent attacks and business logic abuse.
An API security solution that provides continuous discovery, classification, and protection of APIs across environments while integrating with existing security infrastructure to prevent attacks and business logic abuse.
An AI-powered code security tool that analyzes code for vulnerabilities and provides automated fix suggestions to accelerate remediation.
An AI-powered code security tool that analyzes code for vulnerabilities and provides automated fix suggestions to accelerate remediation.
A comprehensive cloud security platform that combines vulnerability management, compliance monitoring, and automated remediation capabilities through an agentless architecture to protect cloud infrastructure and applications.
A comprehensive cloud security platform that combines vulnerability management, compliance monitoring, and automated remediation capabilities through an agentless architecture to protect cloud infrastructure and applications.
Apiiro ASPM Platform is an application security solution that provides code-to-runtime visibility, risk assessment, and remediation capabilities to help organizations manage and reduce security risks across their application portfolio.
Apiiro ASPM Platform is an application security solution that provides code-to-runtime visibility, risk assessment, and remediation capabilities to help organizations manage and reduce security risks across their application portfolio.
A centralized vulnerability lifecycle management platform that tracks security issues from discovery to closure with real-time status updates.
A centralized vulnerability lifecycle management platform that tracks security issues from discovery to closure with real-time status updates.
An enterprise vulnerability and exposure risk management platform that consolidates, prioritizes, and orchestrates remediation of security vulnerabilities across infrastructure, applications, and cloud environments.
An enterprise vulnerability and exposure risk management platform that consolidates, prioritizes, and orchestrates remediation of security vulnerabilities across infrastructure, applications, and cloud environments.
A web application security testing platform that combines manual and automated testing tools for conducting comprehensive security assessments and penetration testing.
A web application security testing platform that combines manual and automated testing tools for conducting comprehensive security assessments and penetration testing.
Qwiet AI is an application security platform that combines SAST, SCA, container security, secrets detection, and SBOM scanning with AI-powered vulnerability prioritization and automated fix generation.
Qwiet AI is an application security platform that combines SAST, SCA, container security, secrets detection, and SBOM scanning with AI-powered vulnerability prioritization and automated fix generation.
Pathlock is an identity security platform that provides compliance-focused governance, access management, and continuous controls monitoring across enterprise applications with particular emphasis on ERP systems.
Pathlock is an identity security platform that provides compliance-focused governance, access management, and continuous controls monitoring across enterprise applications with particular emphasis on ERP systems.
An Application Security Posture Management platform that helps organizations integrate security throughout the software development lifecycle with a focus on vulnerability management and secure coding practices.
An Application Security Posture Management platform that helps organizations integrate security throughout the software development lifecycle with a focus on vulnerability management and secure coding practices.
Egress Prevent is an email data loss prevention solution that helps organizations detect and prevent outbound email breaches caused by human error or malicious intent.
Egress Prevent is an email data loss prevention solution that helps organizations detect and prevent outbound email breaches caused by human error or malicious intent.
A Dynamic Application Security Testing (DAST) platform that provides automated security testing for web applications, APIs, and LLM-powered applications throughout the software development lifecycle.
A Dynamic Application Security Testing (DAST) platform that provides automated security testing for web applications, APIs, and LLM-powered applications throughout the software development lifecycle.
A cloud and database asset intelligence platform that provides continuous monitoring, compliance management, and security posture assessment across hybrid cloud environments.
A cloud and database asset intelligence platform that provides continuous monitoring, compliance management, and security posture assessment across hybrid cloud environments.
A data-driven OT risk management platform that uses digital twin technology and breach simulations to assess cybersecurity risks, optimize mitigation strategies, and ensure compliance with industry standards.
A data-driven OT risk management platform that uses digital twin technology and breach simulations to assess cybersecurity risks, optimize mitigation strategies, and ensure compliance with industry standards.
A vulnerability and exposure management platform that unifies security tool data, automates workflows, and provides risk-based prioritization for enterprise vulnerability management programs.
A vulnerability and exposure management platform that unifies security tool data, automates workflows, and provides risk-based prioritization for enterprise vulnerability management programs.
A security operations platform that provides automated threat detection, access control, and protection against various online attacks through Cloudflare integration.
A security operations platform that provides automated threat detection, access control, and protection against various online attacks through Cloudflare integration.
An application security testing platform that combines automated scanning, AI assistance, and manual expert testing to provide continuous security assessment throughout the software development lifecycle.
An application security testing platform that combines automated scanning, AI assistance, and manual expert testing to provide continuous security assessment throughout the software development lifecycle.
An API security and monitoring platform that automatically discovers, validates, and protects API endpoints while providing comprehensive management and analytics capabilities.
An API security and monitoring platform that automatically discovers, validates, and protects API endpoints while providing comprehensive management and analytics capabilities.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
An AI-powered application security platform that provides automated discovery, testing, and continuous monitoring of applications and APIs with minimal operational impact.
An AI-powered application security platform that provides automated discovery, testing, and continuous monitoring of applications and APIs with minimal operational impact.
An application security platform that provides runtime threat modeling, vulnerability management, and automated remediation workflows with a focus on identifying exploitable vulnerabilities in production environments.
An application security platform that provides runtime threat modeling, vulnerability management, and automated remediation workflows with a focus on identifying exploitable vulnerabilities in production environments.
An AI-powered SOC automation platform that performs autonomous alert triage, investigation, and incident response while augmenting human analyst capabilities.
An AI-powered SOC automation platform that performs autonomous alert triage, investigation, and incident response while augmenting human analyst capabilities.
A mapping tool that correlates MITRE ATT&CK techniques with atomic tests and detection rules to analyze security detection coverage.
A mapping tool that correlates MITRE ATT&CK techniques with atomic tests and detection rules to analyze security detection coverage.
A cybersecurity and privacy playbook management platform that enables teams to create, store, share, and implement standardized security procedures through a no-code interface.
A cybersecurity and privacy playbook management platform that enables teams to create, store, share, and implement standardized security procedures through a no-code interface.
A Non-Human Identity Management platform that provides discovery, security, and lifecycle management for machine identities across hybrid cloud environments.
A Non-Human Identity Management platform that provides discovery, security, and lifecycle management for machine identities across hybrid cloud environments.
A security platform that automates the deployment and management of security canaries across cloud infrastructure to detect potential intrusions and unauthorized access.
A security platform that automates the deployment and management of security canaries across cloud infrastructure to detect potential intrusions and unauthorized access.
A platform that discovers, manages and secures non-human identities like service accounts, API keys and secrets across enterprise environments.
A platform that discovers, manages and secures non-human identities like service accounts, API keys and secrets across enterprise environments.
A cloud-based platform that discovers, monitors, and manages non-human identities and their associated credentials across cloud infrastructure.
A cloud-based platform that discovers, monitors, and manages non-human identities and their associated credentials across cloud infrastructure.
An open-source credential management platform that provides end-to-end encrypted password sharing and storage capabilities for organizations.
An open-source credential management platform that provides end-to-end encrypted password sharing and storage capabilities for organizations.
A security analysis platform that combines SAST, SCA, SBOM generation and AI-assisted remediation to detect and fix vulnerabilities during the software development lifecycle.
A security analysis platform that combines SAST, SCA, SBOM generation and AI-assisted remediation to detect and fix vulnerabilities during the software development lifecycle.
Security design review automation tool that scans design documents and provides security requirements to development teams during the planning phase.
Security design review automation tool that scans design documents and provides security requirements to development teams during the planning phase.
An AI-driven security automation platform that uses specialized agents to assist security teams in SOC operations, GRC, and threat hunting tasks.
An AI-driven security automation platform that uses specialized agents to assist security teams in SOC operations, GRC, and threat hunting tasks.
An AI-powered security operations platform that automates alert investigation, triage, and response workflows for SOC analysts.
An AI-powered security operations platform that automates alert investigation, triage, and response workflows for SOC analysts.
An automated code security tool that analyzes repositories, identifies vulnerabilities, and generates pull requests with fixes while integrating with existing development workflows.
An automated code security tool that analyzes repositories, identifies vulnerabilities, and generates pull requests with fixes while integrating with existing development workflows.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
An automated code remediation tool that integrates with source control platforms to automatically fix security vulnerabilities in code through AI-driven analysis and one-click implementations.
An automated code remediation tool that integrates with source control platforms to automatically fix security vulnerabilities in code through AI-driven analysis and one-click implementations.
An application security platform that aggregates, prioritizes and contextualizes vulnerabilities from multiple security scanners and sources to help manage application and cloud security risks.
An application security platform that aggregates, prioritizes and contextualizes vulnerabilities from multiple security scanners and sources to help manage application and cloud security risks.
A vulnerability remediation platform that consolidates security findings, prioritizes risks using AI, and automates remediation workflows across cloud and application environments.
A vulnerability remediation platform that consolidates security findings, prioritizes risks using AI, and automates remediation workflows across cloud and application environments.
An agentless API security platform that discovers, tests, and secures APIs through source code analysis without requiring traffic monitoring.
An agentless API security platform that discovers, tests, and secures APIs through source code analysis without requiring traffic monitoring.
Octoscan is a static analysis tool that scans GitHub Actions workflows for security vulnerabilities and misconfigurations.
Octoscan is a static analysis tool that scans GitHub Actions workflows for security vulnerabilities and misconfigurations.
Zania is an AI-driven platform that automates security and compliance tasks using autonomous agents for security inquiries, compliance assessments, and privacy regulation adherence.
Zania is an AI-driven platform that automates security and compliance tasks using autonomous agents for security inquiries, compliance assessments, and privacy regulation adherence.
AWS IAM Access Analyzer is a tool for implementing and maintaining least privilege access in AWS environments through automated analysis and validation of IAM policies and permissions.
AWS IAM Access Analyzer is a tool for implementing and maintaining least privilege access in AWS environments through automated analysis and validation of IAM policies and permissions.
OpenVAS is an open-source vulnerability scanner that provides extensive testing capabilities for identifying security weaknesses in networks and systems.
OpenVAS is an open-source vulnerability scanner that provides extensive testing capabilities for identifying security weaknesses in networks and systems.
Anvilogic is a SIEM platform that streamlines detection engineering, offers cost-effective data management, and enhances threat detection capabilities.
Anvilogic is a SIEM platform that streamlines detection engineering, offers cost-effective data management, and enhances threat detection capabilities.
StepSecurity is a platform that enhances GitHub Actions security by providing network egress control, risk discovery, action replacement, and security best practices orchestration.
StepSecurity is a platform that enhances GitHub Actions security by providing network egress control, risk discovery, action replacement, and security best practices orchestration.
LogRhythm SIEM is a comprehensive security information and event management platform that collects, analyzes, and responds to security events across an organization's IT infrastructure.
LogRhythm SIEM is a comprehensive security information and event management platform that collects, analyzes, and responds to security events across an organization's IT infrastructure.
Anomali is an AI-Powered Security Operations Platform that delivers speed, scale, and performance at a reduced cost, combining ETL, SIEM, XDR, SOAR, and TIP to detect, investigate, respond, and remediate threats.
Anomali is an AI-Powered Security Operations Platform that delivers speed, scale, and performance at a reduced cost, combining ETL, SIEM, XDR, SOAR, and TIP to detect, investigate, respond, and remediate threats.
API Security is a comprehensive solution that provides continuous discovery, vulnerability assessment, threat detection, compliance monitoring, dynamic testing, and remediation capabilities to protect APIs against various threats and vulnerabilities.
API Security is a comprehensive solution that provides continuous discovery, vulnerability assessment, threat detection, compliance monitoring, dynamic testing, and remediation capabilities to protect APIs against various threats and vulnerabilities.
DIANNA is an AI-powered cybersecurity companion from Deep Instinct that analyzes and explains unknown threats, offering malware analysis and translating code intent into natural language.
DIANNA is an AI-powered cybersecurity companion from Deep Instinct that analyzes and explains unknown threats, offering malware analysis and translating code intent into natural language.
A defense-in-depth security automation and monitoring framework utilizing threat intelligence, machine learning, and serverless technologies.
A defense-in-depth security automation and monitoring framework utilizing threat intelligence, machine learning, and serverless technologies.
Identify AWS IAM permissions by brute-forcing API calls.
A toolkit that transforms PHP applications into web-based high-interaction Honeypots for monitoring and analyzing attacks.
A toolkit that transforms PHP applications into web-based high-interaction Honeypots for monitoring and analyzing attacks.
PacBot is a platform for continuous compliance monitoring, compliance reporting, and security automation for the cloud, with a plugin-based data ingestion architecture.
PacBot is a platform for continuous compliance monitoring, compliance reporting, and security automation for the cloud, with a plugin-based data ingestion architecture.
Repokid uses Access Advisor to remove unused service permissions from IAM roles in AWS.
Repokid uses Access Advisor to remove unused service permissions from IAM roles in AWS.
Cortex XSOAR is a comprehensive SOAR platform that automates and standardizes security processes for faster response times and increased team productivity.
Cortex XSOAR is a comprehensive SOAR platform that automates and standardizes security processes for faster response times and increased team productivity.
Scumblr is a web application for periodic syncs of data sources and security analysis to streamline proactive security.
Scumblr is a web application for periodic syncs of data sources and security analysis to streamline proactive security.
Collection of scripts and resources for DevSecOps, Security Automation and Automated Incident Response Remediation.
Collection of scripts and resources for DevSecOps, Security Automation and Automated Incident Response Remediation.
Fast Intercept is a security automation platform that empowers users to maximize their existing security products and automate routine tasks.
Fast Intercept is a security automation platform that empowers users to maximize their existing security products and automate routine tasks.
Open-source security automation platform for automating security alerts and building AI-assisted workflows.
Open-source security automation platform for automating security alerts and building AI-assisted workflows.
A system for reserving classrooms at the University of Pisa.
A system for reserving classrooms at the University of Pisa.
Open-source universal secret manager for developers with seamless integration to various cloud services and vaults.
Open-source universal secret manager for developers with seamless integration to various cloud services and vaults.
A simple honeypot that opens a listening socket and waits for connection attempts, with configurable reply and event handling
A simple honeypot that opens a listening socket and waits for connection attempts, with configurable reply and event handling
PolySwarm is a malware intelligence marketplace that aggregates threat detection engines to provide early detection, unique samples, and higher accuracy.
PolySwarm is a malware intelligence marketplace that aggregates threat detection engines to provide early detection, unique samples, and higher accuracy.
A script and library for identifying risks in AWS IAM configuration
A script and library for identifying risks in AWS IAM configuration
Sample security playbooks for security automation, orchestration and response (SOAR) using Microsoft Sentinel trigger
Sample security playbooks for security automation, orchestration and response (SOAR) using Microsoft Sentinel trigger
Shuffle Automation provides an open-source platform for security orchestration, automation, and response.
Shuffle Automation provides an open-source platform for security orchestration, automation, and response.
A collection of detections for Panther SIEM with detailed setup instructions.
A collection of detections for Panther SIEM with detailed setup instructions.
A quick and dirty dynamic redirect.rules generator for penetration testers and security professionals.
A quick and dirty dynamic redirect.rules generator for penetration testers and security professionals.
A modular web application honeypot framework with automation and logging capabilities.