Arnica

Commercial

Arnica is an application security platform that provides comprehensive protection across the software development lifecycle. It offers real-time scanning and risk mitigation for various aspects of application security, including:

1. Code Security: Performs Static Application Security Testing (SAST), Software Composition Analysis (SCA), and Infrastructure as Code (IaC) scanning to identify vulnerabilities in source code and third-party dependencies.
2. Secret Detection and Mitigation: Identifies and helps mitigate hardcoded secrets in real-time.
3. Software Bill of Materials (SBOM): Generates a catalog of all open-source libraries used across an organization.
4. Automated Developer Access Management: Implements least privilege access control for developers.
5. Anomalous Developer Behavior Detection: Monitors and alerts on unusual developer activities to protect against potential insider threats.
6. Security Reporting and Audit: Provides logging and reporting capabilities to support compliance efforts.
7. Application Security Posture Management (ASPM): Helps identify and prioritize risks in products and source code.

Arnica integrates with various development tools and platforms, aiming to provide security coverage without impacting development velocity.

ALTERNATIVES

A popular free security tool for automatically finding security vulnerabilities in web applications.

A third-party Nginx module that prevents common web attacks by reading a small subset of simple rules containing 99% of known patterns involved in website vulnerabilities.

An insecure web application with multiple vulnerable web service components for learning real-world web service vulnerabilities.

A Python open-source CMS scanner that automates the process of detecting security flaws in the most popular CMSs.

A Burp Suite content discovery plugin that adds smart functionality to the Buster plugin.

IronBee is an open source project building a universal web application security sensor.

A tool for brute-forcing GET and POST parameters to discover potential vulnerabilities in web applications.

DOMPurify is a fast XSS sanitizer for HTML, MathML, and SVG.