Boman.ai
Boman.ai is a DevSecOps platform that integrates multiple security scanning capabilities into the software development lifecycle. The platform combines several security testing methodologies: - Static Application Security Testing (SAST) for source code analysis - Dynamic Application Security Testing (DAST) for runtime security testing - Software Composition Analysis (SCA) for dependency scanning - Secret scanning for detecting exposed credentials and sensitive information The system features: - CI/CD pipeline integration capabilities - AI/ML-based processing to reduce false positives - Vulnerability management and tracking - Security metrics monitoring through a SaaS portal - Support for multiple programming languages - Configurable scanning options - Exportable vulnerability reports in XLS format The platform offers different tiers of service: - A free developer tier for single application scanning - Team tier for multiple applications and users - Business tier with extended retention and advanced analytics The tool provides continuous security scanning capabilities while attempting to minimize configuration requirements and security expertise needed for implementation.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Emulates browser functionality to detect exploits targeting browser vulnerabilities.
An integrated application security platform that combines software composition analysis, container scanning, and runtime security monitoring to identify and prioritize vulnerabilities based on actual usage and risk.
A developer-first, API-driven platform that provides development teams with a suite of tools to improve code quality, security, and engineering performance, seamlessly integrated into their existing development workflows.
A learning and training project demonstrating common configuration errors in cloud environments.
Aqua Security is a CNAPP that provides comprehensive security for cloud native applications across their entire lifecycle, from development to production, in various cloud and container environments.
A deliberately vulnerable modern day app with lots of DOM related bugs
A tool to profile web applications based on response time discrepancies.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.