Tenable Web App Scanning enables you to gain visibility across your attack surface, focus efforts to prevent likely attacks, and accurately communicate cyber risk to support optimal business performance. The platform offers broad vulnerability coverage spanning IT assets, cloud resources, containers, web apps and identity systems. With Tenable Web App Scanning, you can gain unified visibility of IT and web application vulnerabilities for operational efficiency. Simply set up new web app scans in seconds, eliminate the complexity of managing multiple, siloed solutions, and avoid false positives and missed high-risk vulnerabilities. The platform provides actionable results in minutes, with fast web application scans that run in two minutes or less to discover common security hygiene issues. You can also create fully customizable dashboards and widget visualizations to integrate IT, cloud and web application vulnerability data into a single, unified view. Tenable One Exposure Management Platform is designed to help your organization gain visibility across your modern attack surface, focus efforts to prevent likely attacks, and accurately communicate cyber risk to support optimal business performance.
SIMILAR TOOLS
A modular Python tool that obfuscates Android applications by manipulating decompiled smali code, resources, and manifest files without requiring source code access.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Search engine for open-source Git repositories with advanced features like case sensitivity and regular expressions.
SearchCode is an extensive code search engine that indexes 75 billion lines of code from millions of projects to help developers find coding examples and libraries.
A PHP port of Rack::Honeypot, a spam trap that detects and blocks spambots.
AndroBugs Framework is an Android vulnerability analysis system that scans mobile applications for security vulnerabilities, missing best practices, and dangerous shell commands.
ThreatLocker is an enterprise cybersecurity platform that provides comprehensive endpoint protection and zero-trust security to prevent ransomware, viruses, and other malicious software from running on endpoints.
GuardDog is a CLI tool that identifies malicious PyPI and npm packages using heuristics-based analysis of source code and metadata.
Bearer CLI is a static application security testing tool that scans source code across multiple programming languages to identify and prioritize OWASP Top 10 and CWE Top 25 security vulnerabilities through data flow analysis.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.