Software Supply Chain
Explore 53 curated cybersecurity tools, with 15,161 visitors searching for solutions
FEATURED
CNAPP providing security from code to cloud for cloud native and AI apps
CNAPP providing security from code to cloud for cloud native and AI apps
Scans open-source licenses in dependencies and generates SBOMs for compliance
Scans open-source licenses in dependencies and generates SBOMs for compliance
Software supply chain security platform detecting malware in dependencies
Software supply chain security platform detecting malware in dependencies
Monitors code repository health for security, dependencies, and maintenance.
Monitors code repository health for security, dependencies, and maintenance.
Detects malicious open-source packages across SDLC using 410K+ package database
Detects malicious open-source packages across SDLC using 410K+ package database
Secures SDLC with malware detection, vuln scanning, SBOM gen & secret detection
Secures SDLC with malware detection, vuln scanning, SBOM gen & secret detection
Platform for securing SDLC with SAST, DAST, SCA, container security & ASPM
Platform for securing SDLC with SAST, DAST, SCA, container security & ASPM
Software supply chain security platform with SCA, package firewall & threat intel
Software supply chain security platform with SCA, package firewall & threat intel
Policy enforcement & compliance mgmt for container security across SDLC
Policy enforcement & compliance mgmt for container security across SDLC
Container & source code scanning for vulnerabilities, malware, and secrets
Container & source code scanning for vulnerabilities, malware, and secrets
Cloud-native application security platform with code, cloud, and runtime context
Cloud-native application security platform with code, cloud, and runtime context
Identifies geographic origin and authorship of open source code components
Identifies geographic origin and authorship of open source code components
OpenSCA Project is a dependency security scanner that runs in the browser.
OpenSCA Project is a dependency security scanner that runs in the browser.
Malware detection across SDLC, DevOps pipelines, and open-source components
Malware detection across SDLC, DevOps pipelines, and open-source components
Secures build processes with attestation, artifact verification, and SLSA support
Secures build processes with attestation, artifact verification, and SLSA support
Ossprey is a software supply chain security platform that uses AI-powered scanning to detect malicious open source code and prevent supply chain attacks through automated policy enforcement and dependency analysis.
Ossprey is a software supply chain security platform that uses AI-powered scanning to detect malicious open source code and prevent supply chain attacks through automated policy enforcement and dependency analysis.
AI-native ASPM platform securing AI-generated code and modern SDLC workflows
AI-native ASPM platform securing AI-generated code and modern SDLC workflows
AI-powered ASPM platform for vulnerability triage, prioritization & remediation
AI-powered ASPM platform for vulnerability triage, prioritization & remediation
Universal artifact repository & software supply chain security platform
Universal artifact repository & software supply chain security platform
Unified platform for vulnerability mgmt across apps, code, cloud & infrastructure
Unified platform for vulnerability mgmt across apps, code, cloud & infrastructure
Black Duck is an application security platform that provides software composition analysis and supply chain security capabilities to identify vulnerabilities, ensure license compliance, and manage SBOMs throughout the software development lifecycle.
Black Duck is an application security platform that provides software composition analysis and supply chain security capabilities to identify vulnerabilities, ensure license compliance, and manage SBOMs throughout the software development lifecycle.
A secret scanning tool that examines NPM modules and ZIP files for exposed credentials and sensitive information using nuclei templates.
A secret scanning tool that examines NPM modules and ZIP files for exposed credentials and sensitive information using nuclei templates.
Anchore Enterprise is a platform that protects and secures software supply chains end-to-end.
Anchore Enterprise is a platform that protects and secures software supply chains end-to-end.
A dependency security analysis tool that identifies potential risks in project dependencies including unsafe lock files, installation scripts, obfuscated code, and dangerous shell commands.
A dependency security analysis tool that identifies potential risks in project dependencies including unsafe lock files, installation scripts, obfuscated code, and dangerous shell commands.
