Raven
Raven is a runtime application protection platform that focuses on three main areas: Runtime Vulnerability Management: Analyzes application behavior during execution to determine if vulnerable libraries pose actual risks, helping to prioritize remediation efforts. Runtime Patching: Provides protection mechanisms at the library level to prevent exploitation of known vulnerabilities without requiring immediate code changes. Runtime Application Detection and Response (ADR): Monitors application behavior to detect and respond to potential security threats, including both CVE and non-CVE based attacks. The platform operates across various cloud environments, including Kubernetes clusters, containers, and compute instances, supporting multiple programming languages including Python, Ruby, C, C++, JavaScript, Go, Scala, Java, and PHP. Deployment requires minimal setup and operates with low overhead in production environments, providing continuous monitoring and protection of applications during execution.
FEATURES
ALTERNATIVES
OWASP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application for client-server communication with numerous vulnerabilities.
Hack with JavaScript XSS'OR tool for encoding/decoding and various XSS related functionalities.
Akamai Client-Side Protection & Compliance is a security tool that monitors and protects against client-side threats on websites, aiding in PCI DSS v4.0 compliance.
WackoPicko is a vulnerable website with known vulnerabilities, now available as a Docker image and included in the OWASP Broken Web Applications Project.
ESLint plugin to prevent Trojan Source attacks.
An automated code security tool that analyzes repositories, identifies vulnerabilities, and generates pull requests with fixes while integrating with existing development workflows.
A comprehensive web application security testing solution that offers built-in vulnerability assessment and management, as well as integration options with popular software development tools.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Kriptos
An AI-driven data classification and governance platform that automatically discovers, analyzes, and labels sensitive information while providing risk management and compliance capabilities.
System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.