Terrascan is a static code analyzer for Infrastructure as Code (IaC) that lets you scan IaC for misconfigurations, monitor provisioned cloud infrastructure for changes, and detect security vulnerabilities and compliance violations. It can run locally or be integrated into CI/CD pipelines. Key features include 500+ security best practice policies; scanning of Terraform, AWS CloudFormation, Azure Resource Manager, Kubernetes, and Dockerfiles; and integration with AWS, Azure, GCP, Kubernetes, Dockerfile, and GitHub.
SIMILAR TOOLS
API Security is a comprehensive solution that provides continuous discovery, vulnerability assessment, threat detection, compliance monitoring, dynamic testing, and remediation capabilities to protect APIs against various threats and vulnerabilities.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Security design review automation tool that scans design documents and provides security requirements to development teams during the planning phase.
An API security platform that discovers, documents, and tests APIs throughout the development lifecycle while maintaining a centralized catalog of all API assets.
Static code analysis tool for infrastructure as code (IaC) and software composition analysis (SCA) with over 1000 built-in policies for AWS, Azure, and Google Cloud.
A web application designed to be 'Xtremely Vulnerable' for security enthusiasts to learn application security.
ZeroThreat is a cloud-based DAST platform that provides automated penetration testing and vulnerability detection for web applications and APIs with AI-driven remediation guidance.
An automated API security testing platform that provides continuous vulnerability assessment, validation, and educational resources for API endpoint security.
PINNED

Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.