The Best Security and Compliance Software Tools

Application Security

Products that protect applications from vulnerabilities and attacks throughout the development lifecycle.

Sorted by Recommended

We empower you to be a secure developer Open source is awesome for boosting your productivity. However, taking code written by others, often with little to no vetting of its security pedigree, can put your application at risk. Snyk enables you to find, and more importantly fix known vulnerabilities in your open source. And it’s built by the best developers and security researchers in the space.

MendBy Mend Tech Inc

Mend.io provides you with all the necessary tools to establish a mature, proactive AppSec program that effectively mitigates application risk. The application security landscape is in a state of flux as organizations transition from a fragmented ecosystem of point solutions to a unified platform like the Mend AppSec Platform, empowering them to take control of their security measures. The platform merges a developer-centric repo-centric approach with prioritized, actionable insights seamlessly integrated into existing processes. It offers significant benefits such as up to 75% fewer findings that require remediation, relieving you of the burden of managing numerous security issues, streamlined cross-product workflows, and a consolidated data model that enhances security posture. Mend is licensed based on the number of Contributing Developers with a $15,000 minimum purchase.

DopplerBy Doppler Technologies, Inc

Doppler is a SecretOps platform for securing and syncing developer secrets throughout your infrastructure.

Aikido SecurityBy Aikido Security BV

Aikido is a developer-centric software security platform. It offers a central system that shows you what matters and how to fix it from code to cloud.

PortSwiggerBy PORTSWIGGER LTD

PortSwigger offers tools for web application security, testing, & scanning. Choose from a range of security tools, & identify the very latest vulnerabilities.

VeracodeBy Veracode, Inc.

Veracode is an application security company based in Burlington, Massachusetts.

Cobalt.ioBy Cobalt Labs Inc

Cobalt is modernizing traditional pentesting. It leverage global talent and a SaaS platform to deliver a better pentest via Pentest as a Service (PtaaS).

CheckmarxBy Checkmarx Ltd

Checkmarx is a provider of state-of-the-art application security solution: static code analysis software, seamlessly integrated into development process.

DetectifyBy Detectify

Detectify is a website vulnerability scanner that performs tests to identify security issues on your website. Let us find vulnerabilities for you before hackers do.

WhiteHat SecurityBy WhiteHat Security Inc

The WhiteHat Application Security Platform provides all of the services required to secure the entire software development lifecycle.

Signal SciencesBy Signal Sciences Corp.

Signal Sciences is a growing web application security company in the world.

Black Duck SoftwareBy Synopsys, Inc.

Synopsys is an American electronic design automation company that focuses on silicon design and verification, silicon intellectual property and software security and quality.

Invicti Security CorpBy Invicti Security Ltd

Get accurate, automated application security testing that scales like no other solution. Secure 1000s of web assets with less manual effort. Reduce your risk with the only…

GitGuardianBy GitGuardian

Learn how GitGuardian helps development and security teams detect secrets like API keys and other credentials leaked on GitHub or exposed in internal repositories.

Obsidian SecurityBy Obsidian Security Inc

Obsidian Security is a comprehensive SaaS security and compliance solution that helps manage excessive privileges, prevent configuration drift, automate compliance, and detect threats among other uses. It is designed to reduce third-party SaaS integration risk, stop SaaS threats pre-exfiltration of data, and achieve SaaS compliance in minutes, not months.

WallarmBy Wallarm Inc

Wallarm reveals security flaws in web apps and APIs and provides real-time protection for them

Contrast SecurityBy Contrast Security Inc

Contrast Security application security software unifies security and development with one DevSecOps platform and increases accuracy and productivity.

NowSecureBy NowSecure Inc

NowSecure is a Chicago-based mobile security company that publishes mobile app and device security software.

Data TheoremBy Data Theorem Inc

Data Theorem is a leading provider in modern application security. Its core mission is to analyze and secure any modern application anytime, anywhere.

ShiftLeftBy ShiftLeft Inc

The most proven application security methods redesigned for DevOps environments.

CycodeBy Cycode Ltd

Cycode is a complete software supply chain security solution that provides visibility, security, and integrity across your entire SDLC

Jnet DirectBy Jnet Direct

JNetDirect - Middleware Connectivity and Code Management for All Versions of Microsoft SQL Server

opticca securityBy opticca security

Opticca Security is a comprehensive cybersecurity solution, offering best-in-class technologies and rigorous processes to protect your data, particularly focusing on application security. Their services range from web application firewall, zero trust security, cloud security compliance, to various application security testing, ensuring your apps are secure and resilient.

ReliaQuestBy ReliaQuest LLC

ReliaQuest is a force-multiplier of security teams to increase visibility, decrease complexity, and manage risk through the GreyMatter security operations platform.

AppCheckBy AppCheck

Bridging the gap between manual and automated security testing.

ArmorCodeBy ArmorCode

The ArmorCode platform unifies application security and vulnerability management. It integrates with your security ecosystem to de-duplicate, correlate, and orchestrate findings in a single platform so security and development teams can realize holistic visibility, flexible agility, and cross-team collaboration.

Page 1 of 3