Chainguard
Chainguard Containers provide a trusted set of minimal, zero-CVE container images with a top-tier CVE remediation SLA—addressing critical vulnerabilities within 7 days, and high, medium, and low within 14—enabling teams to build and deploy software more confidently.
As modern development workflows and CI/CD pipelines depend on secure, up-to-date containers for cloud-native applications, Chainguard offers streamlined images built entirely from source in a hardened, secure build environment. Designed for both engineering and security stakeholders, Chainguard Containers reduce the manual overhead of managing vulnerabilities, improve application resilience by shrinking the attack surface, and accelerate go-to-market by simplifying alignment with compliance standards and customer security expectations.
Learn more
ManageEngine Endpoint Central
ManageEngine's Endpoint Central, formerly Desktop Central, is a Unified Endpoint Management Solution that manages enterprise mobility management, including all features of mobile app management and mobile device management, as well as client management for a wide range of endpoints such as mobile devices, laptops computers, tablets, servers, and other machines. ManageEngine Endpoint Central allows users to automate their desktop management tasks such as installing software, patching, managing IT assets, imaging, and deploying OS.
Learn more
Wapiti
Wapiti is a tool designed for scanning vulnerabilities in web applications. It provides the capability to assess the security of both websites and web applications effectively. By conducting "black-box" scans, it avoids delving into the source code and instead focuses on crawling through the web pages of the deployed application, identifying scripts and forms that could be susceptible to data injection. After compiling a list of URLs, forms, and their associated inputs, Wapiti simulates a fuzzer by inserting various payloads to check for potential vulnerabilities in scripts. It also searches for files on the server that may pose risks. Wapiti is versatile, supporting attacks via both GET and POST HTTP methods, and handling multipart forms while being able to inject payloads into uploaded filenames. The tool raises alerts when it detects anomalies, such as server errors or timeouts. Moreover, Wapiti differentiates between permanent and reflected XSS vulnerabilities, providing users with detailed vulnerability reports that can be exported in multiple formats including HTML, XML, JSON, TXT, and CSV. This functionality makes Wapiti a comprehensive solution for web application security assessments.
Learn more
APIFuzzer
APIFuzzer analyzes your API specifications and systematically tests the fields to ensure your application can handle modified parameters, all without the need for programming. It allows you to import API definitions from either local files or remote URLs, supporting both JSON and YAML formats. Every HTTP method is accommodated, and it can fuzz the request body, query strings, path parameters, and request headers. Utilizing random mutations, it also integrates seamlessly with continuous integration systems. The tool can produce test reports in JUnit XML format and has the capability to send requests to alternative URLs. It supports HTTP basic authentication through configuration settings and stores reports of any failed tests in JSON format within a designated folder, thus ensuring that all results are easily accessible for review. Additionally, this enhances your ability to identify vulnerabilities and improve the reliability of your API.
Learn more
