Product Listings
Veracode is a software security firm focused on identifying flaws and vulnerabilities across all stages of the software development lifecycle. The foundation of Veracode's approach lies in its Software Security Platform, which uses advanced AI algorithms trained on vast datasets of code. This allows for faster and more precise identification and rectification of security flaws. Veracode's mission is to evolve the concept of software security, ensuring it stays aligned with the dynamic needs of today's software development processes.
Checkmarx provides agentic application security, delivering enterprise-grade protection while lowering engineering costs and accelerating development velocity. The Checkmarx One platform scans trillions of lines of code each year for companies, cutting vulnerability density by more than half. Its autonomous security agents detect and counter AI-driven threats across the SDLC, providing prevention-first protection for legacy, modern, and AI-generated code at enterprise scale.
Appknox is a mobile application security firm utilized by different companies globally. It provides a platform for facilitating immediate threat detection within these applications. Appknox has developed a user-friendly system where an app can be uploaded, run through various test procedures, and then receive a comprehensive security diagnostic report. This report highlights any detected threats and provides suggestions for patching them. Appknox is designed to easily integrate with existing security protocols.
PortSwigger is a company that specializes in developing software tools used for security testing of web applications. The company's primary focus lies in the web security industry, and it's known for the creation of the Burp Suite, a tool commonly utilized by professionals in this field. The company is based near Manchester, UK and has a steady team of Java and .NET developers who contribute to maintaining and advancing the capabilities of the tools developed by the company.
HCLSoftware is an integral arm of HCLTech and is primarily engaged in the development, marketing, sale, and support of software solutions. The company's main sector focus includes AI and Automation, Data, Analytics and Insights, Digital Transformation, and Enterprise Security. As a provider of cloud-native solutions for enterprise software, HCLSoftware is responsible for powering an extensive number of applications at numerous organizations globally. The fundamental mission of HCLSoftware revolves around ensuring customer success through continuous product innovation.
Fluid Attacks helps companies to develop secure software without delays. We are an all-in-one solution that helps you accurately find and remediate vulnerabilities throughout the SDLC. Our solution combines automation, AI and pentesters to perform SAST, DAST, SCA, CSPM, SCR, PTaaS and RE. This way, we provide you with accurate knowledge of the security status of your application. We enable your DevSecOps implementation. This means security goes alongside innovation without hindering your speed. Fluid Attacks provides you with expert knowledge about vulnerabilities and support options that enable you to remediate the security issues in your application.
GitLab is a comprehensive AI-powered DevSecOps platform for software innovation. As a software delivery platform for development, security, and operations teams, GitLab brings security and compliance to AI-powered workflows throughout the software delivery lifecycle, helping customers deliver secure software faster. GitLab Duo, the company’s suite of AI capabilities, improves team collaboration and reduces the security and compliance risks of AI adoption by bringing the entire software development lifecycle into a single AI-powered application that is privacy-first.
With GitLab, customers can visualize their end-to-end value streams, boost developer productivity with out-of-the-box analytics, and secure their software supply chain with SAST, DAST, secret detection, container scanning, and API testing. It enables organizations to increase developer productivity, improve operational efficiency, and accelerate cloud transformations to maximize the overall return on software development.
Contrast Security's Runtime Application Security solutions embed code analysis and attack prevention directly into the software development lifecycle. Patented instrumentation provides integrated and comprehensive security observability that delivers accurate assessment and continuous protection. The Contrast Runtime Security Platform enables powerful Application Security Testing and Application Detection and Response, allowing developers, AppSec teams, and SecOps teams to protect and defend their applications against an evolving threat landscape.
Black Duck builds trust in software by enabling organizations to manage application security, quality, and compliance risks at the speed their business demands. Black Duck solutions help developers to secure code as fast as they write it; development and DevSecOps teams to automate testing within development pipelines without compromising velocity; and security teams to proactively manage risk and focus remediation efforts on what matters most. With Black Duck, organizations can transform the way they build and deliver software, aligning people, processes, and technology to intelligently address software risks across their portfolio and at all stages of the application lifecycle.
Black Duck builds trust in software by enabling organizations to manage application security, quality, and compliance risks at the speed their business demands. Black Duck solutions help developers to secure code as fast as they write it; development and DevSecOps teams to automate testing within development pipelines without compromising velocity; and security teams to proactively manage risk and focus remediation efforts on what matters most. With Black Duck, organizations can transform the way they build and deliver software, aligning people, processes, and technology to intelligently address software risks across their portfolio and at all stages of the application lifecycle.
Formed through the combination of Netsparker, Acunetix, and Kondukto, Invicti Security provides an application security platform that unifies DAST, SAST, IAST, SCA, API security, secrets scanning, container security, and application security posture management (ASPM) to help enterprise organizations identify, prioritize, and remediate vulnerabilities across their application portfolio.
The platform's proof-based scanning validates runtime vulnerabilities while ASPM capabilities correlate findings across security tools to eliminate false positives. AI-powered remediation provides contextual fix recommendations within developer workflows. Key capabilities include automated vulnerability discovery, intelligent risk prioritization, unified dashboard management, and CI/CD pipeline integration.
OpenText powers and protects information. As a global information management provider for businesses, OpenText tools span content management, Artificial Intelligence (AI), cybersecurity, cloud, and business networks. For over 30 years, OpenText has helped organizations manage and protect their data and documents while modernizing their information architecture. Its integrated hub connects information across departments and applications to enhance employee experience, productivity, and collaboration, while making information structured and searchable through AI, machine learning, and semantic search. In addition, OpenText delivers endpoint security and digital life protection solutions to safeguard businesses against cyberattacks and data breaches.
Snyk specializes in providing security solutions that enable security teams and developers to work together to reduce application risk and speed software delivery. By integrating application security into developers' workflows, Snyk aims to help organizations secure their applications from code creation to cloud deployment. The end-to-end view of applications gives developers and security the shared perspective to improve security posture, while enhancing developers' productivity, preventing issues early in the development cycle, and allowing for the fastest response when security events like zero days occur.
Sonar helps prevent code quality and security issues from reaching production, amplifies developers' productivity in concert with AI assistants, and improves the developer experience with streamlined workflows. Sonar analyzes all code, regardless of who writes it—your internal team or genAI—resulting in more secure, reliable, and maintainable software.
Rooted in the open-source community, Sonar’s solutions support over 30 programming languages, frameworks, and infrastructure technologies. Today, Sonar is used by 7M+ developers and 400K organizations worldwide.
GitHub is a platform where developers, businesses, and organizations collaborate to create and innovate. Offering tools for version control, CI/CD, security, and code review, GitHub helps teams build software efficiently and securely.
With GitHub Copilot, developers can leverage AI to receive real-time coding assistance, streamlining their workflows and enabling them to focus on solving complex challenges. The platform supports a wide range of projects, from open source to enterprise, while integrating seamlessly into development processes to foster collaboration and security.
As part of Microsoft, GitHub is committed to empowering developers and organizations to bring their ideas to life, working toward the goal of supporting 1 billion developers worldwide.
OpenText powers and protects information. As a global information management provider for businesses, OpenText tools span content management, Artificial Intelligence (AI), cybersecurity, cloud, and business networks. For over 30 years, OpenText has helped organizations manage and protect their data and documents while modernizing their information architecture. Its integrated hub connects information across departments and applications to enhance employee experience, productivity, and collaboration, while making information structured and searchable through AI, machine learning, and semantic search. In addition, OpenText delivers endpoint security and digital life protection solutions to safeguard businesses against cyberattacks and data breaches.
Black Duck builds trust in software by enabling organizations to manage application security, quality, and compliance risks at the speed their business demands. Black Duck solutions help developers to secure code as fast as they write it; development and DevSecOps teams to automate testing within development pipelines without compromising velocity; and security teams to proactively manage risk and focus remediation efforts on what matters most. With Black Duck, organizations can transform the way they build and deliver software, aligning people, processes, and technology to intelligently address software risks across their portfolio and at all stages of the application lifecycle.
Mend.io, previously known as WhiteSource, focusses on building high-grade Application Security (AppSec) programs which aim to mitigate risk while accelerating development. Leveraging cutting-edge automated technology, the company offers protection against threats associated with supply chains, malicious package attacks, and vulnerabilities found in both open source and custom code. Additionally, Mend.io addresses potential risks linked to open-source licenses. The firm is recognized for its record of satisfying complex, large-scale application security demands and is therefore chosen by numerous demanding development and security teams across the globe. Additionally, Mend.io administrates the automated dependency update project, Renovate.
Checkmarx provides agentic application security, delivering enterprise-grade protection while lowering engineering costs and accelerating development velocity. The Checkmarx One platform scans trillions of lines of code each year for companies, cutting vulnerability density by more than half. Its autonomous security agents detect and counter AI-driven threats across the SDLC, providing prevention-first protection for legacy, modern, and AI-generated code at enterprise scale.
Snyk specializes in providing security solutions that enable security teams and developers to work together to reduce application risk and speed software delivery. By integrating application security into developers' workflows, Snyk aims to help organizations secure their applications from code creation to cloud deployment. The end-to-end view of applications gives developers and security the shared perspective to improve security posture, while enhancing developers' productivity, preventing issues early in the development cycle, and allowing for the fastest response when security events like zero days occur.