Average Ratings 0 Ratings
Average Ratings 0 Ratings
Similar Products
-
Aikido SecurityAikido is the all-in-one security platform for development teams to secure their complete stack, from code to cloud. Aikido centralizes all code and cloud security scanners in one place. Aikido offers a range of powerful scanners including static code analysis (SAST), dynamic application security testing (DAST), container image scanning, and infrastructure-as-code (IaC) scanning. Aikido integrates AI-powered auto-fixing features, reducing manual work by automatically generating pull requests to resolve vulnerabilities and security issues. It also provides customizable alerts, real-time vulnerability monitoring, and runtime protection, enabling teams to secure their applications and infrastructure seamlessly.
-
WizWiz is a new approach in cloud security. It finds the most important risks and infiltration vectors across all multi-cloud environments. All lateral movement risks, such as private keys that are used to access production and development environments, can be found. You can scan for vulnerabilities and unpatched software in your workloads. A complete inventory of all services and software within your cloud environments, including version and package details, is available. Cross-reference all keys on your workloads with their privileges in your cloud environment. Based on a complete analysis of your cloud network, including those behind multiple hops, you can see which resources are publicly available to the internet. Compare your industry best practices and baselines to assess the configuration of cloud infrastructure, Kubernetes and VM operating system.
-
ChainguardChainguard Containers provide a trusted set of minimal, zero-CVE container images with a top-tier CVE remediation SLA—addressing critical vulnerabilities within 7 days, and high, medium, and low within 14—enabling teams to build and deploy software more confidently. As modern development workflows and CI/CD pipelines depend on secure, up-to-date containers for cloud-native applications, Chainguard offers streamlined images built entirely from source in a hardened, secure build environment. Designed for both engineering and security stakeholders, Chainguard Containers reduce the manual overhead of managing vulnerabilities, improve application resilience by shrinking the attack surface, and accelerate go-to-market by simplifying alignment with compliance standards and customer security expectations.
-
GearsetGearset is a full‑featured Salesforce DevOps solution built for the enterprise, giving teams the tools to adopt best practices across every stage of the DevOps lifecycle. From metadata and CPQ deployments to CI/CD, testing, code analysis, sandbox seeding, backups, archiving, and observability, Gearset gives teams unmatched insight and control over their Salesforce workflows. Over 3,000 organizations — including names like McKesson and IBM — rely on Gearset to deliver with security and scale in mind. With advanced governance, detailed audit trails, SOX/ISO/HIPAA support, multi‑team pipelines, integrated security checks, and adherence to ISO 27001, SOC 2, GDPR, CCPA/CPRA, and HIPAA, Gearset combines enterprise‑ready compliance with rapid onboarding and an intuitive interface — all in one platform. Leading firms in finance, healthcare, and tech trust Gearset to power their DevOps initiatives without adding complexity.
-
JscramblerJscrambler is the leader in Client-Side Protection and Compliance. We were the first to merge advanced polymorphic JavaScript obfuscation with fine-grained third-party tag protection in a unified Client-Side Protection and Compliance Platform. Our end-to-end solution does more than protect your data—it empowers your business. With Jscrambler, your teams are free to take full advantage of client-side JavaScript innovation, assured that your business benefits from blanket protection against current and emerging cyber threats, data leaks, misconfigurations, and IP theft. Jscrambler is the only solution that enables the definition and enforcement of a single, future-proof security policy for client-side protection. We also make it easy to comply with new standards and regulations; our dedicated PCI module helps businesses meet the stringent requirements of PCI DSS v4 (6.4.3 and 11.6.1). Trusted by digital leaders worldwide, Jscrambler lets you move fast and embrace a culture of fearless innovation while ensuring that both your first- and third-party client-side JavaScript assets remain secure and compliant.
-
BitriseStreamline your development process while saving time, reducing costs, and alleviating developer stress with a mobile CI/CD solution that is not only swift and adaptable but also scalable. Whether your preference leans towards native development or cross-platform frameworks, we have a comprehensive solution that meets your needs. Supporting languages such as Swift, Objective-C, Java, and Kotlin, along with platforms like Xamarin, Cordova, Ionic, React Native, and Flutter, we ensure that your initial workflows are configured automatically so you can start building within minutes. Bitrise seamlessly integrates with any Git service, whether public, private, or ad hoc, including platforms like GitHub, GitHub Enterprise, GitLab, GitLab Enterprise, and Bitbucket, available both in the cloud and on-premises. You can easily trigger builds based on pull requests, schedule them for specific times, or set up custom webhooks to suit your workflow. Additionally, our workflows are designed to operate on your terms, enabling you to coordinate various tasks such as performing integration tests, deploying to device farms, and distributing apps to testers or app stores, ultimately enhancing your overall efficiency. With a flexible approach, you can adapt your CI/CD processes to meet the evolving demands of your development cycle.
-
ZeroPathZeroPath (YC S24) is an AI-native application security platform that delivers comprehensive code protection beyond traditional SAST. Founded by security engineers from Tesla and Google, ZeroPath combines large language models with deep program analysis to deliver intelligent security testing that finds real vulnerabilities while dramatically reducing false positives. Unlike traditional SAST tools that rely on pattern matching, ZeroPath understands code context, business logic, and developer intent. This enables identification of sophisticated security issues including business logic flaws, broken authentication, authorization bypasses, and complex dependency vulnerabilities. Our comprehensive security suite covers the application security lifecycle: 1. AI-powered SAST 2. Software Composition Analysis with reachability analysis 3. Secrets detection and validation 4. Infrastructure as Code scanning 5. Automated PR reviews 6. Automated patch generation and more... ZeroPath integrates seamlessly with GitHub, GitLab, Bitbucket, Azure DevOps and many more. The platform handles codebases with millions of lines across Python, JavaScript, TypeScript, Java, Go, Ruby, Rust, PHP, Kotlin and more. Our research team has been successful in finding vulnerabilities like critical account takeover in better-auth (CVE-2025-61928, 300k+ weekly downloads), identifying 170+ verified bugs in curl, and discovering 0-days in production systems at Netflix, Hulu, and Salesforce. Trusted by 750+ companies and performing 200k+ code scans monthly.
-
Pipeliner CRMPipeliner CRM is the AI-powered sales management solution designed to put salespeople first, delivering an intuitive, visual, and engaging experience that drives real productivity and rapid adoption for mid-sized, large, and enterprise teams. With comprehensive pipeline management, advanced AI assistance, no-code Automatizer workflows, and embedded business analytics, Pipeliner eliminates complexity while scaling effortlessly—reducing the need for third-party tools and dedicated admins. Key features include personalized user interfaces, multiple pipeline visualizations, automated approvals, relationship mapping, quota management, and AI-driven email support. Seamlessly integrate with Google Suite, Microsoft Suite
-
Kasm WorkspacesKasm Workspaces streams your workplace environment directly to your web browser…on any device and from any location. Kasm is revolutionizing the way businesses deliver digital workspaces. We use our open-source web native container streaming technology to create a modern devops delivery of Desktop as a Service, application streaming, and browser isolation. Kasm is more than a service. It is a platform that is highly configurable and has a robust API that can be customized to your needs at any scale. Workspaces can be deployed wherever the work is. It can be deployed on-premise (including Air-Gapped Networks), in the cloud (Public and Private), or in a hybrid.
-
FerootFeroot Security is a global leader in AI-powered website and web application compliance and security. Feroot AI protects digital experiences from hidden threats while continuously enforcing compliance with PCI DSS 4.0.1, HIPAA rules on online tracking technologies, CCPA/CPRA, GDPR, CIPA, and over 50 global laws and standards. The Feroot AI Platform replaces manual compliance work and operational overhead with continuous automation. What once required months of effort across security, engineering, and legal teams can now be deployed in minutes, delivering real-time protection and audit-ready evidence. Feroot unifies critical capabilities into a single platform, including JavaScript behavior analysis, web compliance scanning, third-party script monitoring, consent enforcement, and data privacy posture management. It is purpose-built to detect and stop web-based threats such as Magecart, formjacking, e-skimming, and unauthorized tracking on high-risk assets like payment pages, login flows, iframes, and healthcare portals. Trusted by Fortune 500 enterprises, healthcare providers, retailers, SaaS platforms, utilities, payment service providers, universities, and public sector organizations, Feroot safeguards hundreds of millions of users worldwide. Feroot AI solutions include PaymentGuard AI, HealthData Shield AI, AlphaPrivacy AI, CodeGuard AI, and MobileGuard AI. Visit feroot for more information.
Description
Efficiently eliminate risks that may be introduced into the workflow while safeguarding the integrity of each task, all from one centralized platform. Gain comprehensive visibility and complete traceability of your software pipeline's security, spanning from the cloud to the code. Oversee your identified issues, coordinate DevSecOps initiatives, mitigate risks, and uphold the integrity of the software pipeline from a single dashboard. Address threats based on their urgency and the context of the business. Automatically intercept vulnerabilities that could seep into your pipeline. Swiftly pinpoint the appropriate personnel to take necessary action against any identified security threats. Steer clear of established security vulnerabilities such as Log4j and Codecov, while also thwarting emerging attack vectors informed by proprietary research and threat intelligence. Identify anomalies, including those similar to GitBleed, and guarantee the security and integrity of all cloud artifacts. Conduct thorough security gap analyses to uncover any potential blind spots, along with automated discovery and mapping of all applications, ensuring a robust security posture across the board. This holistic approach enables organizations to preemptively address security challenges before they escalate.
Description
For those utilizing GitHub Actions in their CI/CD processes and concerned about the security of their pipelines, the StepSecurity platform offers a robust solution. It allows for the implementation of network egress controls and enhances the security of CI/CD infrastructures specifically for GitHub Actions runners. By identifying potential CI/CD risks and detecting misconfigurations in GitHub Actions, users can safeguard their workflows. Additionally, the platform enables the standardization of CI/CD pipeline as code files through automated pull requests, streamlining the process. StepSecurity also provides runtime security measures to mitigate threats such as the SolarWinds and Codecov attacks by effectively blocking egress traffic using an allowlist approach. Users receive immediate, contextual insights into network and file events for all workflow executions, enabling better monitoring and response. The capability to control network egress traffic is refined through granular job-level and default cluster-wide policies, enhancing overall security. It is important to note that many GitHub Actions may lack proper maintenance, posing significant risks. While enterprises often opt to fork these Actions, the ongoing upkeep can be costly. By delegating the responsibilities of reviewing, forking, and maintaining these Actions to StepSecurity, businesses can achieve considerable reductions in risk while also saving valuable time and resources. This partnership not only enhances security but also allows teams to focus on innovation rather than on managing outdated tools.
API Access
Has API
API Access
Has API
Integrations
Codecov
Datadog
Docker
Git
GitHub
Google Cloud Platform
Kubernetes
Microsoft 365
Node.js
Ruby
Integrations
Codecov
Datadog
Docker
Git
GitHub
Google Cloud Platform
Kubernetes
Microsoft 365
Node.js
Ruby
Pricing Details
$25 per month
Free Trial
Free Version
Pricing Details
$1,600 per month
Free Trial
Free Version
Deployment
Web-Based
On-Premises
iPhone App
iPad App
Android App
Windows
Mac
Linux
Chromebook
Deployment
Web-Based
On-Premises
iPhone App
iPad App
Android App
Windows
Mac
Linux
Chromebook
Customer Support
Business Hours
Live Rep (24/7)
Online Support
Customer Support
Business Hours
Live Rep (24/7)
Online Support
Types of Training
Training Docs
Webinars
Live Training (Online)
In Person
Types of Training
Training Docs
Webinars
Live Training (Online)
In Person
Vendor Details
Company Name
OX Security
Founded
2021
Country
Israel
Website
www.ox.security/
Vendor Details
Company Name
StepSecurity
Country
United States
Website
www.stepsecurity.io
Product Features
Application Security
Analytics / Reporting
Open Source Component Monitoring
Source Code Analysis
Third-Party Tools Integration
Training Resources
Vulnerability Detection
Vulnerability Remediation
Cybersecurity
AI / Machine Learning
Behavioral Analytics
Endpoint Management
IOC Verification
Incident Management
Tokenization
Vulnerability Scanning
Whitelisting / Blacklisting
DevOps
Approval Workflow
Dashboard
KPIs
Policy Management
Portfolio Management
Prioritization
Release Management
Timeline Management
Troubleshooting Reports
Product Features
Application Security
Analytics / Reporting
Open Source Component Monitoring
Source Code Analysis
Third-Party Tools Integration
Training Resources
Vulnerability Detection
Vulnerability Remediation
Continuous Delivery
Application Lifecycle Management
Application Release Automation
Build Automation
Build Log
Change Management
Configuration Management
Continuous Deployment
Continuous Integration
Feature Toggles / Feature Flags
Quality Management
Testing Management
Continuous Integration
Build Log
Change Management
Configuration Management
Continuous Delivery
Continuous Deployment
Debugging
Permission Management
Quality Assurance Management
Testing Management
