Vendr's purple icon logo
Security and Compliance

Security and Compliance

Solutions and protocols to ensure the security, privacy, and compliance of data and systems, protecting against unauthorized access, data breaches, and regulatory violations.

Categories in Security and Compliance

Application Security

Products that protect applications from vulnerabilities and attacks throughout the development lifecycle.

Snyk
We empower you to be a secure developer Open source is awesome for boosting your productivity. However, taking code written by others, often with little to no vetting of its security pedigree, can put your application at risk. Snyk enables you to find, and more importantly fix known vulnerabilities in your open source. And it’s built by the best developers and security researchers in the space.
PortSwigger
PortSwigger offers tools for web application security, testing, & scanning. Choose from a range of security tools, & identify the very latest vulnerabilities.
Veracode
Veracode is an application security company based in Burlington, Massachusetts.
Cobalt.io
Cobalt is modernizing traditional pentesting. It leverage global talent and a SaaS platform to deliver a better pentest via Pentest as a Service (PtaaS).
Checkmarx
Checkmarx is a provider of state-of-the-art application security solution: static code analysis software, seamlessly integrated into development process.
View more

Cloud Security

Solutions focused on securing data, applications, and infrastructure in cloud environments.

Rapid7
Rapid7 powers the practice of SecOps by delivering shared visibility, analytics, and automation to unite security, IT, and DevOps teams. Learn more.
Lacework
Lacework provides end-to-end cloud security automation for AWS, Azure, and GCP with a comprehensive view of risks across cloud workloads and containers.
Qualys
Qualys, Inc. provides cloud security, compliance and related services and is based in Foster City, California.
Wiz
Wiz is a cloud security platform used to rapidly identify and remove the most critical risks in AWS, Azure, GCP, and Kubernetes to facilitate faster and more secure builds.
Sophos
Sophos Group plc is an English security software and hardware company.
View more

Compliance

Platforms that help organizations adhere to regulatory requirements and industry standards.

Drata
Drata is a security and compliance automation platform that continuously monitors and collects evidence of a company’s security controls, while streamlining workflows to ensure audit-readiness.
Tugboat Logic
Takes the misery and mystery out of passing security audits like SOC 2, PCI, and ISO 27001 so you can slay more deals and stay secure.
Level Access
Level Access has an unparalleled history in helping achieve compliance for regulations and standards such as ADA, Section 508, WCAG, VPAT, CVAA, AODA.
Deque
Deque Systems provides web and mobile accessibility solutions so you can meet compliance goals and help make the web accessible to all users.
Essential Accessibility
Web Accessibility Solution | eSSENTIAL Accessibility
View more

Cybersecurity

Products and services designed to protect computer systems, networks, and data from cyber threats, including malware, hacking, and data breaches.

CrowdStrike
CrowdStrike, Inc. is an American cybersecurity technology company based in Sunnyvale, California, and a wholly owned subsidiary of CrowdStrike Holdings, Inc.
HackerOne
HackerOne is a cybersecurity company that offers attack resistance management which blends the security expertise of ethical hackers with asset discovery, continuous assessment, and process enhancement to find and close gaps in the digital attack surface. Fortune 500 and Forbes Global 1,000 companies trust HackerOne to test and secure the applications they depend on to run their businesses.
Tenable
Tenable, Inc. is a cybersecurity company based in Columbia, Maryland.
Palo Alto Networks
Palo Alto Networks, Inc. an American multinational cybersecurity company that includes advanced firewalls and cloud-based offerings that extend them to cover other aspects of security.
Optiv
Optiv Security, Inc. is a privately owned information security company based in Denver, Colorado.
View more

Data Privacy

Solutions that help organizations protect sensitive data, ensure compliance with privacy regulations, and safeguard user information through features such as data encryption, access controls, and consent management.

TrustArc
TrustArc simplifies privacy management for the GDPR, CCPA and 500+ other global regulations with our comprehensive technology platform.
Osano
Osano is an easy-to-use data privacy platform. Instantly make your website compliant with CCPA, GDPR, and monitor all of your vendor's​ privacy practices.
Transcend.io
Transcend offers data governance solutions that help companies achieve privacy compliance through powerful data mapping and data discovery, automated data subject requests, and simple cookie consent, all with industry leading security.
Abine
Blur protects your private info and helps you stay anonymous online with masked, burner cards (virtual cards), ad blocking, masked emails, and masked phones.
CookieYes
CookieYes is a leading consent management platform (CMP) that helps businesses comply with privacy regulations such as GDPR, CCPA, LGPD, POPIA, and more.
View more

Email Security

Solutions that safeguard email communications by detecting and mitigating threats such as spam, malware, phishing attacks, and unauthorized access.

Abnormal Security
Abnormal Security provides advanced email security to prevent credential phishing, business email compromise, account takeover, and more.
Material Security
When attackers have multiple ways in, blocking messages is no longer enough. Material protects accounts even after they’re compromised or harmful messages get through.
EasyDMARC
Get started with EasyDMARC to stop hackers from sending emails from your domain. EasyDMARC all-in-1 solution provides the best anti-phishing tools and increases email reach.
Armorblox
Secure email communications with the power of Natural Language Understanding (NLU). Stop BEC and targeted phishing attacks, protect sensitive PII and PCI, and reduce phishing response times.
IRONSCALES
Learn how IRONSCALES advanced anti-phishing platform uses a unique combination of human & machine intelligence to kick off a rapid response to phishing attacks.
View more

Encryption

SaaS products that provide encryption services to protect data at rest, in transit, or in use.

DigiCert
DigiCert is one of the largest Certificate Authorities in the world and one of the fastest-growing and most successful companies in Utah. DigiCert provides a fun, casual, and flexible environment that emphasizes employee success. For our efforts, we have been awarded the Utah Best of State, Utah 100, UV50, Utah’s Best Places to Work, Best Companies to Work For, and the Alfred P. Sloan Award for Business Excellence in Workplace Flexibility.
Virtru
Empower Information Sharing. Enforce Data Security. Easily control access to sensitive data shared via email, files, and apps. All powered by open standards and the Virtru Data Security Platform.
Plaid
Develop the future of fintech with Plaid, the technology layer for financial services. Plaid enables applications to connect with users’ bank accounts.
SendSafely
SendSafely: The End-to-End Encryption Platform for Secure File Exchange and Confidential Email
SafeLogic
FIPS 140 validated encryption — SafeLogic's simplified FIPS 140 validated encryption and services reduce cost, time, and effort by a huge margin.
View more

Endpoint Security

Tools designed to secure individual devices (e.g., laptops, desktops, mobile devices) from various threats.

VirusTotal
VirusTotal is a website created by the Spanish security company Hispasec Sistemas.
Kolide
Kolide is an infrastructure analytics company. They specialize in collecting and analyzing data from your organization's devices to deliver actionable insights through a thoughtful user experience.
ESET
ESET is an IT security company that offers anti-virus and firewall products such as ESET NOD32.
Digital Guardian
Digital Guardian is an American data loss prevention software company that produces products designed to detect and stop malicious actions by users and malware on endpoints.
Recast
Take your IT team further with our endpoint management software solutions. ✓ Move faster with Recast Software & automation platform here today!
View more

Governance, Risk & Compliance

Solutions that assist organizations in managing and ensuring adherence to regulatory requirements, mitigating risks, and maintaining a robust system for corporate governance.

OneTrust
OneTrust is a privacy management software platform to operationalize data privacy compliance and privacy by design.
Vanta
Vanta's trust management platform takes the manual work out of your security and compliance process and replaces it with continuous automation
Thomson Reuters
Thomson Reuter is a Canadian multinational mass media and information firm that provides professionals with the intelligence, technology, and human expertise they need to find trusted answers.
NAVEX
NAVEX Global's GRC software and compliance management solutions support the risk and compliance management system for 13,000 organizations worldwide.
Diligent
Diligent Corporation, known as Diligent, is a software as a service company that enables board members of corporations, government organisations and not for profit groups to share and collaborate information for board meetings.
View more

Identity and Access Management

Tools for managing user identities, authentication, and access control.

Okta
Okta provides secure identity management and single sign-on to any application, whether in the cloud, on-premises or on a mobile device for your employees, partners and customers.
1Password
1Password is a secure and convenient password manager. Keep your important information secure with AES 256-bit encryption. Keep all kinds of information easily organized with convenient categories and your own tags. Instantly find what you need with powerful and customizable search. 1Password remembers and fills web forms with your passwords, credit card information, and addresses—with a single click.
JumpCloud
JumpCloud® is a central source of authentication, authorization, and management of employees and their devices and the IT applications they access.
Stripe
Stripe is a suite of APIs that powers commerce for businesses of all sizes.
Duo Security
Duo’s Unified Access Security (UAS) solution is a user-centric zero-trust security platform to protect access to sensitive data at scale for all users, all devices and all applications.
View more

Network Security

Solutions focused on securing network infrastructure, detecting and preventing network-based attacks.

Cloudflare
Cloudflare empowers organizations to make their employees, applications and networks faster and more secure everywhere, while reducing complexity and cost.
SecureW2
SecureW2 offers World-Class PKI Services, #1 Rated Onboarding Software & RADIUS Services to provide the next-generation of passwordless network security.
Check Point Software Technologies
Check Point Software Technologies Ltd. is a leading provider of cyber security solutions to corporate enterprises and governments globally.
SonicWall
Defend SMBs, enterprises and governments from advanced cyber attacks with SonicWall's award-winning firewalls and cyber security solutions.
Barracuda
Barracuda Networks, Inc. is a company providing security, networking and storage products based on network appliances and cloud services.
View more

Risk Management

Solutions to identify, assess, mitigate, and monitor risks across various domains such as cybersecurity, compliance, operational processes, financial aspects, and strategic decision-making.

Prevalent
Leader in third-party risk management and cyber threat intelligence.
Assetnote
Assetnote combines advanced reconnaissance and high-signal continuous security analysis to help enterprises gain insight and control of their evolving exposure.
CTM360
World's most consolidated Digital Risk Protection stack with Unlimited Takedowns, Attack Surface Management, Threat Intelligence, and Deep & Dark Web monitoring
Cyberhaven
Cyberhaven is an innovative security solution that provides protection against unauthorized access to sensitive data. It uses a powerful nginx-based firewall to prevent malicious activity and safeguard confidential information.
Black Kite
Prevent unrecognized risk across your supply chain with Black Kite—the only cyber ratings tool dedicated to third-party risk intelligence.
View more

Security Training

SaaS products that provide training and education to raise awareness about cybersecurity best practices among employees.

KnowBe4
KnowBe4 provides Security Awareness Training to help you manage the IT security problems of social engineering, spear phishing and ransomware attacks.
Ethena
Ethena is a compliance training platform that works. Harassment Prevention; Diversity, Equity & Inclusion; Anti-Bribery & Corruption​​; Hiring & Interviewing; and more.
Secure Code Warrior
Secure Code Warrior helps developers write more secure code. We are focused on bringing an innovative approach to developer security training. Contact us today.
Traliant
Traliant offers regulatory online compliance training including preventing workplace discrimination and harassment, code of conduct, and AB 1825 & AB 2053.
Security Journey
Interactive Secure Coding Training Using An Offensive & Defensive Approach. Proven To Be More Engaging and Effective.
View more

Threat Intelligence

Platforms that provide real-time information on cybersecurity threats and vulnerabilities.

Domaintools
Turn domain and DNS data into threat intelligence with DomainTools. Connect network indicators to investigate, profile and map attacker infrastructure.
Spur Data
Prevent fraud and abuse online with our context API and data feeds. We improve security operations and solve the latest cyber security problems. Sign up to use our free community data portal.
ObserveIT
ObserveIT is an Insider Threat Management software company.
EY
Ernst & Young is a multinational professional services firm headquartered in London, England, United Kingdom.
BioCatch
Seamless and secure online experiences are built with BioCatch behavioral biometrics. We’re more than just fraud prevention. Our solution powers your digital growth.
View more

VPN

Solutions that provide secure and encrypted virtual private network access to users, allowing them to securely connect to private networks or browse the internet with enhanced privacy and data protection.

OpenVPN
OpenVPN is an open-source commercial software that implements virtual private network techniques to create secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities.
Tailscale
Tailscale is a zero config VPN for building secure networks. Install on any device in minutes. Remote access from any network or physical location.
Twingate
Replace your VPN with the Zero Trust solution that's easy to adopt and loved by your workforce.
ExpressVPN
Top rated VPN for 2019. Unblock websites & protect all your devices. 24/7 support. VPN for Windows, Mac, Android, iOS, routers & more. Try 30 days risk-free.
Pritunl
Free open source enterprise distributed VPN server. Virtualize your private networks across datacenters and provide simple remote access in minutes.
View more

Vulnerability Management

Tools that identify, assess, and prioritize vulnerabilities within an organization's infrastructure.

Bugcrowd
With powerful platform and team of experts, Bugcrowd connects organizations to a global crowd of trusted security researchers.
Automox
Automox is an IT automation platform that help save time, reduce risk, and automate OS, third-party, and configuration updates on Windows, macOS, and Linux desktops, laptops, and servers.
Darktrace
The world leader in Enterprise Immune System technology for cyber security.
FOSSA
Effortlessly comply with open source licenses. Get started for free at https://t.co/LOlbEHiSX3
Intigriti
Intigriti is an agile pentesting platform that enables companies to enlist the help of experienced ethical hackers to outmaneuver cybercriminals. It offers cost-effective and simple bug bounty programs with the help of a customer success team, as well as Hybrid Pentest solutions for advanced security testing.
View more