Kodem is an application security platform that combines static analysis (SAST) and software composition analysis (SCA) with runtime intelligence. The platform analyzes code, containers, and memory at the function level to provide context about application behavior during execution. It incorporates: - Runtime analysis to validate vulnerability exploitability - Attack chain mapping to identify critical vulnerabilities - AI-powered analysis for vulnerability assessment - SBOM generation with runtime context - Automated workflow for vulnerability remediation - Container and Infrastructure as Code security scanning The tool aims to reduce false positives in vulnerability detection by correlating static analysis findings with runtime behavior.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Grafeas is an API specification for managing and auditing metadata about software resources across the software supply chain.
An open-source tool that automates the detection and analysis of DLL hijacking vulnerabilities in Windows applications, providing detailed reports and remediation guidance.
A technology lookup and lead generation tool that identifies the technology stack of any website and provides features for market research, competitor analysis, and data enrichment.
A comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities and improving security posture.
ThreatLocker is an enterprise cybersecurity platform that provides comprehensive endpoint protection and zero-trust security to prevent ransomware, viruses, and other malicious software from running on endpoints.
GuardDog is a CLI tool that identifies malicious PyPI and npm packages using heuristics-based analysis of source code and metadata.
QIRA is a competitor to strace and gdb with MIT license, supporting Ubuntu and Docker for wider compatibility.
A brute-force protection middleware for express routes that rate-limits incoming requests.
A modular Python tool that obfuscates Android applications by manipulating decompiled smali code, resources, and manifest files without requiring source code access.