Backlash
Backslash Security is an application security platform that utilizes reachability analysis to enhance traditional Static Application Security Testing (SAST) and Software Composition Analysis (SCA) capabilities. The tool aims to reduce false positives and prioritize vulnerabilities by analyzing code reachability and data flow context. It offers features such as phantom package detection, fix simulation, and AI-powered remediation advice. Backslash integrates with CI/CD pipelines and provides automated security checks for pull requests. The platform also includes functionality for generating Software Bill of Materials (SBOM) and Vulnerability Exploitability eXchange (VEX) reports. Additional features include secret detection in code, open-source license policy enforcement, and malicious package identification. The tool is designed to provide visibility into application risks and help development teams focus on addressing the most critical security issues.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
RiskInDroid is a machine learning-based tool that performs quantitative risk analysis of Android applications by reverse engineering bytecode and analyzing permission usage to generate numeric risk scores.
A deliberately vulnerable Java web application designed for educational purposes to teach web application security concepts and common vulnerabilities.
A plugin for viewing, detecting weak configurations, and generating Content Security Policy headers.
AndroBugs Framework is an Android vulnerability analysis system that scans mobile applications for security vulnerabilities, missing best practices, and dangerous shell commands.
A source code search engine for searching alphanumeric snippets, signatures, or keywords in web page HTML, JS, and CSS code.
A Nuxt 3 security module that automatically implements OWASP security patterns through HTTP headers, middleware, and various protection mechanisms including CSP, XSS validation, CORS, and CSRF protection.
A brute-force protection middleware for express routes that rate-limits incoming requests.
GuardDog is a CLI tool that identifies malicious PyPI and npm packages using heuristics-based analysis of source code and metadata.
Search engine for open-source Git repositories with advanced features like case sensitivity and regular expressions.
PINNED
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.