Security Tools
🤖
CyberArk
Paid
CyberArk is the global leader in identity security and privileged access management. Its platform secures human and machine identities across hybrid and multi-cloud environments, protecting privileged accounts that are the primary target in 80% of breaches. CyberArk Privilege Cloud provides SaaS-delivered PAM, while Endpoint Privilege Manager removes local admin rights without impacting productivity. Used by 8000+ organisations in critical infrastructure, finance, and healthcare to protect their most sensitive access.
🤖
Datadog Security
Paid
Datadog Security provides cloud security monitoring, SIEM, and application security as part of the Datadog observability platform. Its Cloud Security Management detects misconfigurations and threats across AWS, Azure, and GCP infrastructure. Application Security Management identifies vulnerabilities in running applications using distributed tracing data. The unified platform correlates security signals with performance metrics for faster investigation. Used by 28000+ organisations that already use Datadog for monitoring.
🤖
Prisma Cloud
Paid
Prisma Cloud by Palo Alto Networks is a comprehensive cloud-native application protection platform covering CSPM, CWPP, CIEM, and code security in a single console. It provides full lifecycle security from IaC scanning in CI/CD pipelines through runtime protection of workloads in production. AI-powered threat detection correlates signals across the cloud estate to surface real attacks. Recognised as a leader in Gartner's CNAPP Magic Quadrant and used by 70% of Fortune 100 companies.
🤖
Trivy
Free
Trivy is a comprehensive, open-source security scanner by Aqua Security for containers, Kubernetes, code repositories, and cloud infrastructure. It scans for OS vulnerabilities, application dependencies, IaC misconfigurations, exposed secrets, and software licences in a single tool. Trivy integrates with GitHub Actions, GitLab CI, Jenkins, and Kubernetes admission controllers. The most widely adopted open-source container security scanner with 20000+ GitHub stars and used in thousands of CI/CD pipelines worldwide.
🤖
Falco
Free
Falco is the open-source cloud-native runtime security tool and CNCF project for detecting unexpected behaviour in containers, Kubernetes, and Linux hosts. It monitors system calls in real time and applies rules to detect anomalies like privilege escalation, file system changes, network connections, and container escapes. Falco alerts can be routed to Slack, PagerDuty, and SIEM systems. The de facto standard for runtime security in Kubernetes environments and used by major cloud providers as a detection engine.
🤖
SonarQube
Freemium
SonarQube is the leading platform for continuous code quality and security analysis. It performs static analysis on 30+ programming languages to detect bugs, code smells, and security vulnerabilities including OWASP Top 10 and SANS Top 25. SonarQube integrates with CI/CD pipelines and IDE plugins to provide immediate feedback to developers. The Community Edition is free and open-source. Used by 400000+ organisations including NASA, Microsoft, and BMW to maintain code quality standards across large codebases.
🤖
Checkov
Free
Checkov is an open-source static analysis tool for infrastructure as code security by Bridgecrew (now part of Palo Alto Networks). It scans Terraform, CloudFormation, Kubernetes, Helm, ARM, and Bicep configurations for security misconfigurations and compliance violations against 1000+ built-in policies covering CIS benchmarks, SOC2, PCI-DSS, and HIPAA. Checkov integrates with CI/CD pipelines to enforce security policies before infrastructure is provisioned. Free to use with an active open-source community.
🤖
Teleport
Freemium
Teleport is an open-source identity-native infrastructure access platform that provides secure, audited access to servers, Kubernetes clusters, databases, and internal applications without VPNs or shared credentials. It uses short-lived certificates instead of long-lived SSH keys, records all sessions for compliance, and integrates with SSO providers for unified access management. Teleport's Machine ID enables service-to-service authentication. Used by Elastic, Samsung, and IBM for zero-trust infrastructure access.
🤖
TruffleHog
Freemium
TruffleHog is an open-source secrets scanning tool that searches git repositories, S3 buckets, filesystems, and CI/CD pipelines for exposed credentials including API keys, passwords, and tokens. It uses entropy analysis and 700+ regex detectors to find secrets with high accuracy and low false positive rates. TruffleHog Cloud provides continuous monitoring and validates discovered secrets against their respective APIs to confirm which are live and exploitable. Used by security teams for secrets detection in code repositories.
🤖
Doppler
Freemium
Doppler is a SecretOps platform that centralises secrets management for development teams across all environments and cloud providers. Developers sync environment variables and secrets to local machines, CI/CD pipelines, and production servers from a single dashboard. Doppler eliminates .env files scattered across repositories and provides audit trails, access controls, and secret rotation. Integrates with AWS, GCP, Azure, GitHub Actions, and 25+ other platforms. Used by teams at Notion, Linear, and Stripe for secrets management.
🤖
Aikido Security
Freemium
Aikido Security is a developer-first application security platform that consolidates SAST, SCA, DAST, container scanning, IaC security, and secrets detection into a single tool with minimal false positives. Its AI triage engine automatically classifies and prioritises findings, reducing alert fatigue for engineering teams. Aikido integrates with GitHub, GitLab, and Bitbucket and provides a simple, actionable security dashboard. Popular with startups and scale-ups that need comprehensive AppSec coverage without a dedicated security team.
🤖
Snyk
Freemium
Snyk is a developer security platform that scans code, open-source dependencies, container images, and infrastructure as code for vulnerabilities and license issues, providing actionable fix advice directly in developer workflows. It integrates with GitHub, GitLab, Jira, and CI/CD pipelines so security checks happen automatically without interrupting the development flow. DevSecOps teams use Snyk to shift security left and fix vulnerabilities at the source before they reach production, reducing remediation time and cost significantly.
Browse Other Categories
Image Generation
Video AI
Productivity
AI Tool
Writing & Content
Audio & Music
Code & Developer
AI Companion
Gaming AI
LLM & Models
Data & Analytics
Finance
Framework
Marketing
Education
Legal
MLOps
Directory
E-commerce
AI Agents
APIs
Automation
Cybersecurity AI
Database
Healthcare AI
HR & Recruiting
NLP
Platform
Real Estate AI
Research
Search