Security and PKI

Aikido.dev is a comprehensive application security platform that offers a unified solution for code and cloud security. It includes security scans, such as static code analysis, dependency scanning, secrets detection, and container scanning, all integrated into a single platform. Aikido.dev supports numerous integrations with development tools and workflows, providing real-time protection and automated triage of vulnerabilities.

Cloudflare offers website security, performance, and reliability. Their services encompass features like CDN, DDoS protection, SSL, and advanced security measures.

Atomist is a platform that automates and optimizes software delivery processes, integrating with development tools to provide real-time visibility, security, and control. It uses event-driven automation to manage dependencies, security policies, and other aspects of the software lifecycle.

Azure Kubernetes Service (AKS) is a managed container orchestration service for deploying, managing, and scaling containerized applications using Kubernetes. AKS simplifies cluster management and provides integrated CI/CD, monitoring, and security features, enabling streamlined and secure operations from cloud to edge.

Bearer is a developer-first security and privacy management tool that integrates into CI/CD workflows. It provides Static Application Security Testing (SAST) to detect vulnerabilities, sensitive data, and privacy risks in code. Bearer helps teams identify and fix issues early in the development process, enhancing security and reducing the risk of data breaches.

Bitwarden is an open-source password manager that allows users to securely store and manage their passwords, credentials, and other sensitive information. It offers end-to-end encryption, multi-factor authentication, and cross-platform support, making it easy to access your passwords on any device.

Bridgecrew is a cloud security platform that automates infrastructure security and compliance. It provides tools for identifying and fixing security issues in infrastructure-as-code (IaC), cloud configurations, and runtime environments. By integrating with CI/CD pipelines, Bridgecrew helps teams enforce security policies and maintain compliance across their cloud-native applications.

Cloudflare Tunnel is a service that allows users to securely connect their web applications or services to the internet without exposing them directly to the public web. It creates an encrypted tunnel between your origin server and Cloudflare’s network, protecting your web applications from attacks and unauthorized access.

Codenotary secures software supply chains by providing tools for real-time risk assessment, component analysis, and compliance management. It ensures software integrity with tracking, attestation, and Software Bill of Materials (SBOMs), supporting compliance with standards like NIST and FedRAMP.

"Has My Secret Leaked?" tool helps developers check if their secrets (like API keys) have been exposed on public GitHub repositories. Users can securely hash and encrypt their secrets, check them against GitGuardian's extensive database of leaked secrets, and get results on potential leaks. This service emphasizes privacy and security, ensuring secrets are not exposed during the check.

Have I Been Pwned is a website that allows users to check if their personal data has been compromised in a data breach. By entering an email address or phone number, users can see if their information appears in any publicly known data breaches. It also offers notifications for future breaches.

Internet.nl allows you to test if your website, email, or connection meets modern Internet standards such as IPv6, DNSSEC, HTTPS, DMARC, STARTTLS, and DANE. The platform helps ensure security and reliability by offering detailed analysis and recommendations for improvement. It is supported by the Internet community and the Dutch government to promote the adoption of these standards.

ManageEngine CloudSIEM is a cloud-based security information and event management (SIEM) solution that helps organizations monitor, detect, and respond to security threats in real-time. It aggregates and analyzes logs from various sources, providing insights and alerts to ensure compliance and protect against cyber threats.

LoginLlama is a service designed to monitor and log sign-ins across different platforms, enhancing security by providing users with detailed insights into login activities. It offers features like tracking successful and failed login attempts, alerting users to suspicious activity, and providing reports on login history.

The Mozilla Observatory is a tool that helps developers, system administrators, and security professionals configure their websites securely. It provides security assessments by scanning websites for vulnerabilities and offering recommendations for improvements. The Observatory also offers educational resources and documentation for enhancing web security practices.

OpenAPI.security is a platform focused on enhancing the security of APIs by offering tools and best practices for implementing robust security measures within OpenAPI specifications. It helps developers ensure their APIs are secure by providing guidelines for authentication, authorization, and data protection.

OPSWAT is a cybersecurity company specializing in critical infrastructure protection. It offers a suite of products designed to secure and protect data, devices, and networks from malware, vulnerabilities, and other threats. OPSWAT provides solutions for threat detection, secure file transfers, and compliance management.

Pixee.ai offers an automated product security service called Pixeebot, which continuously monitors, triages, and fixes vulnerabilities in code repositories. It integrates with existing workflows, providing security and code quality improvements without disrupting productivity. Pixeebot supports various programming languages and development environments, helping maintain high-quality secure code.

PyUp.io offers the Safety CLI, a tool for Python developers to scan dependencies for vulnerabilities, ensuring secure development practices. It integrates seamlessly with existing workflows, providing real-time security insights and actionable recommendations. The platform is designed to enhance supply chain security and reduce vulnerability noise for teams of all sizes.

The Qualys Community Edition is a free version of Qualys' cloud-based security platform, offering tools for vulnerability management, asset discovery, and web application scanning. It allows small businesses and individuals to identify and manage security risks in their IT environment.

Snyk is a developer security platform that integrates with development tools and pipelines to find, prioritize, and fix vulnerabilities in code, dependencies, containers, and infrastructure as code (IaC). It provides real-time monitoring, actionable insights, and automation features to enhance security throughout the development lifecycle.

SOOS is a comprehensive Application Security Posture Management (ASPM) platform designed to safeguard applications across their lifecycle. It provides tools for Software Composition Analysis (SCA), Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), Infrastructure as Code (IaC) scanning, and managing Software Bill of Materials (SBOMs).

Sumo Logic is a cloud-native platform for log management, monitoring, and security analytics. It helps organizations gain real-time insights into their application and infrastructure performance, security posture, and operational health. Sumo Logic provides powerful tools for log aggregation, searching, and alerting, and integrates with various cloud services and on-premises environments.

Virgil Security provides a suite of security tools for developers to integrate end-to-end encryption, data protection, and secure communication into their applications. It supports compliance with standards like HIPAA, GDPR, and PCI DSS.

Vulert is a software composition analysis platform that continuously monitors open-source dependencies for vulnerabilities. It proactively sends alerts, suggests fixes, and ensures license compliance without requiring codebase access or installations. The platform integrates with SIEM, CI/CD tools, and offers features like zero false positives and vulnerability rankings.

Cloudflare's Zero Trust services provide security solutions that protect applications and employees by ensuring that only authenticated and authorized users can access resources. They include features like Browser Isolation, Identity and Access Management, and Secure Web Gateway. Cloudflare's Zero Trust approach helps organizations enhance security and mitigate risks.