Application Security Software

At Vulcan Cyber we’re changing the way businesses reduce cyber risk through vulnerability remediation orchestration. We help IT security teams go beyond remedial vulnerability management to help them drive vulnerability remediation outcomes. The Vulcan platform consolidates vulnerability and asset data, with threat intelligence and customizable risk parameters to deliver risk-based vulnerability prioritization insights. But we don't stop there. Vulcan remediation intelligence takes the vulnerabilities that matter to your business and attaches the remedies and fixes needed to mitigate the threat. Then Vulcan orchestrates and measures the rest of the remediation process with integrations and inputs into application security, DevSecOps, patch management, configuration management, and cloud security tools, teams and functions. From scan to fix, Vulcan Cyber delivers the unique ability to orchestrate the entire vulnerability remediation process to GET FIX DONE at scale.

AppTrana is a fully managed Web application firewall, that includes Web application scanning for getting visibility of application-layer vulnerabilities; instant and managed Risk-based protection with its WAF, Managed DDOS and Bot Mitigation service, and Web site acceleration with a bundled CDN or can integrate with existing CDN. All of this backed with a 24x7 Managed Security Expert service to provide custom rules and policy updates with zero false positive guarantee and promise.

The leading solution for agile open source security and license compliance management, WhiteSource integrates with the DevOps pipeline to detect vulnerable open source libraries in real-time. It provides remediation paths and policy automation to speed up time-to-fix. It also prioritizes vulnerability alerts based on usage analysis. We support over 200 programming languages and offer the widest vulnerability database aggregating information from dozens of peer-reviewed, respected sources.

Acunetix is the market leader in automated web application security testing, and is the tool of choice for many Fortune 500 customers. Acunetix detects and reports on a wide array of web application vulnerabilities. The Acunetix industry leading crawler fully supports HTML5 and JavaScript and Single-page applications, allowing auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on premise solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritise and control vulnerability threats – ordered by business criticality. Acunetix integrates with popular Issue Trackers and WAFs and is available on Windows, Linux and Online

Netsparker web application security scanner automatically detects SQL Injection, Cross-site Scripting (XSS) and other vulnerabilities in all types of web applications, regardless of the technology they are built with. Netsparker is easy to use and employs a unique and dead accurate proof-based scanning technology that automatically verifies the identified vulnerabilities; so you do not have to manually verify them. Netsparker is available as desktop software and as an online scanning service and is trusted by world renowned companies such as Samsung, NASA, Microsoft, ING bank, Skype and Ernst & Young.

SecPod SanerNow is the world's best unified endpoint security & management platform that powers IT/Security Teams automate cyber hygiene practices. It works on an intelligent agent-server model to execute effective endpoint management and security. It gives you accurate vulnerability management with scanning, detection, assessment, prioritization, and remediation capabilities. SanerNow is available on both cloud and on-premise, whose integrated patch management automates patching across all major OSs like Windows, MAC, Linux, and a vast collection of 3rd party software patches. What makes it unique? You can now access other salient features like security compliance management, IT asset management, endpoint management, software deployment, application & device control, and endpoint threat detection and response, all on a single platform. With SanerNow, you can remotely perform and automate these tasks to secure your systems from the emerging wave of cyberattacks.

Imunify360 is a security solution for web-hosting servers. Imunify360 goes beyond antivirus and WAF and is a combination of an Intrusion Prevention and Detection system, a Application Specific Web Application Firewall, Real-time Antivirus protection, a Network Firewall, and Patch Management components in one security suite. Imunify360 is a fully-automated solution and it collects all statistics under an intuitive dashboard.

Visual Guard protects in-house business applications from the inside: - Authorize & Manage your users from customers to your workforce - Protect data and functionality from unauthorized access (fine-grained permissions) - Monitor & detect threats in real time - Restrict the access to allow minimum operations in case of breaches

Debricked's tool enables for increased use of Open Source while keeping the risks at bay, making it possible to keep a high development speed while still staying secure. The service runs on state of the art machine learning, allowing the data quality to be outstanding as well as instantly updated. High precision (over 90% in supported languages) in combination with flawless UX and scalable automation features makes Debricked one of a kind and the way to go for Open Source Management. Shortly, Debricked will release the brand new feature called Open Source Health, where open source projects can be compared, evaluated and monitored to ensure high quality and health.

Whether open source or commercial, SoapUI testing tools make it easy to create, manage, and execute end-to-end tests on REST, SOAP, & GraphQL APIs, JMS, JDBC, and other web services so you can deliver software faster than ever. For developers and testers looking to accelerate their ability to deliver REST & SOAP APIs, SoapUI Open Source is the simplest and easiest way to begin your API testing journey. Automate and fit API testing into your team’s continuous delivery pipeline with the next generation tool built for validation of REST, SOAP, GraphQL, microservices, and other back-end services. APIs, or Application Programming Interfaces, have become the center of software development, connecting and transferring data and logic across disparate systems and applications. Luckily, testing them can greatly improve the efficiency of your testing strategy as a whole, helping you deliver software faster than ever

The leading hybrid and multi-cloud platform that provides next-gen WAF, API Security, RASP, Advanced Rate Limiting, Bot Protection, and DDoS purpose built to eliminate the challenges of legacy WAF. Legacy WAFs weren’t designed for today’s web apps that are distributed across cloud, on-premise or hybrid environments. Our next-gen web application firewall (NGWAF) and runtime application self protection (RASP) increase security and maintain reliability without sacrificing velocity, all at the lowest total cost of ownership (TCO).

Trend Micro is a software organization that offers a piece of software called Trend Micro Cloud App Security. Trend Micro Cloud App Security is application security software, and includes features such as analytics / reporting, open source component monitoring, source code analysis, Third-Party tools integration, training resources, vulnerability detection, and vulnerability remediation. Some competitor software products to Trend Micro Cloud App Security include NTT Application Security, ImmuniWeb, and WhiteSource.

ImmuniWeb SA is a global application security company operating in over 50 countries, headquartered in Geneva, Switzerland. Most of ImmuniWeb customers come from regulated industries, such as banking, healthcare, and e-commerce. ImmuniWeb® AI Platform leverages award-winning AI and Machine Learning technology for acceleration and intelligent automation of Attack Surface Management and Dark Web Monitoring. The data is later leveraged for a threat-aware and risk-based Application Penetration Testing for web, mobile, and API security testing. ImmuniWeb is the only company that offers a contractual zero false-positives SLA with a money-back guarantee. ImmuniWeb’s AI technology is a recipient of numerous awards and recognitions, including Gartner Cool Vendor, IDC Innovator, and the winner of “SC Award Europe�? in the “Best Usage of Machine Learning and AI�? category. ImmuniWeb® Community Edition runs over 100,000 daily tests, being one of the largest application security communities

The #1 SaaS bot protection solution for e-commerce and classified ads businesses. Deploys in minutes on any web infrastructure. Unmatched bot detection speed and accuracy. Runs on autopilot, easy to customize. Full protection of your websites, mobile apps and APIs. DataDome takes care of all unwanted traffic so that your IT teams don’t have to. No more on-call incidents due to bot attacks! You still remain in full control, thanks to the bot detection software’s most comprehensive dashboard to monitor and optimize detection and response. DataDome runs anywhere, in any cloud. You install it in minutes with a simple piece of code, optimized for your architecture. Our bot detection software offers unified protection of complex architectures. It’s compatible with all major web technologies, including multi-cloud and multi-CDN setups.

CloudPassage Halo is a unified, SaaS-based cloud security platform that automates cloud computing security controls and compliance across servers, containers, and IaaS in any public, private, hybrid, and multi-cloud environment. With over 20,000 pre-configured rules and more than 150 policy templates that cover standards such as PCI, CIS, HIPAA, SOC, and DISA STIGs for IaaS services, Halo’s extensive automation capabilities streamline and accelerate workflows between InfoSec and DevOps. The comprehensive, bi-directional Halo API, developer SDK, and toolkit automate your security and compliance controls into your DevOps toolchain to identify critical vulnerabilities so they can be remediated prior to production. The free edition of Halo Cloud Secure includes full access to the Halo Cloud Secure CSPM service for up to 10 cloud service accounts across any mix of AWS, Azure, and GCP, at no cost to you, ever. Sign up now and start your journey to fully automated cloud security!

Cameyo is the secure Virtual Application Delivery (VAD) platform for any Digital Workspace. Cameyo makes it simple, seamless, and secure to deliver Windows and internal web applications to any device from the browser without the need for virtual desktops or VPNs. By enabling organizations to provide their people with secure access to the business-critical apps they need to stay productive from anywhere, Cameyo helps make remote & hybrid work, work. Hundreds of enterprises and organizations utilize Cameyo’s Digital Workspace solution to deliver Windows and internal web applications to hundreds of thousands of users worldwide.

Quixxi Security assesses applications so you understand what vulnerabilities they have. It allows you to conduct penetration testing of apps and puts a secure encryption wrapper around applications so malware can’t access them or the data they handle. So, while your applications work as intended, unauthorised access to them is prevented as they remain almost invisible to malicious software.

Rencore Code (SPCAF) is the only solution on the market that analyzes and assures SharePoint, Microsoft 365 and Teams code quality by checking violations against over 1100 policies and checks regarding security, performance, best practices, maintainability, and supportability.

Xanitizer specializes in security analysis of web applications and also considers the behavior of the applied web frameworks. By means of static code analysis the tool systematically scans the program code of an entire system for security vulnerabilities. Xanitizer investigates not only the source code, but also configuration files and templates for rendering the HTML output. Xanitizer is the essential tool for security auditors of web applications. Xanitizer is available for Windows, Linux, and macOS and can easily be integrated into the build process, automatically and regularly performing its analysis tasks, reporting detected security issues and monitoring your security enhancements. Offers excellent accuracy, as demonstrated on the OWASP Benchmark test suite by detecting 100% of the vulnerabilities with 0% false alarms. Detects more than 100 different vulnerability types like SQL Injection, XSS, XEE, Privacy Leaks, and Misues of Cryptographic APIs.

Scans any target, whether Web Apps, APIs (REST. & SOAP, GraphQL & more), Web sockets or mobile, providing actionable reports. NeuraLegion works with your existing CI/CD pipelines – trigger scans on every commit, pull request or build with unit testing. One file. One command. One scan. No UI needed. Interacts with applications and APIs, instead of just crawling them and guessing. Scans are fast as our AI-powered engine can understand application architecture and generate sophisticated and targeted attacks. Stop chasing ghosts and wasting time. NeuraLegion doesn’t return false positives, so you can focus on releasing code. Simple and easy to use, start scanning in minutes. Invents new attack scenarios specific to your application. Our solution secures businesses of any size and industry.

JupiterOne enables security and compliance as code for leading cloud-based organizations like Reedit, Databricks and Auth0. JupiterOne integrates with your cloud and DevOps resources to centralize the data, then maps the relationships on a graph while applying a data model that aligns with popular security and compliance frameworks.

Configuring traditional web application firewalls can take days of effort. But Barracuda WAF-as-a-Service—a full-featured, cloud-delivered application security service—breaks the mold. Deploy it, configure it, and put it into full production—protecting all your apps from all the threats—in just minutes.

The Infocyte Managed Detection and Response platform helps security teams proactively hunt, detect, and respond to cyber threats and vulnerabilities resident within their network—across physical, virtual, and serverless assets. Our MDR platform provides asset and application discovery, automated threat hunting, and on-demand incident response capabilities. Combined, these proactive cyber security practices help organizations control attacker dwell time, reduce overall cyber risk, maintain compliance, and streamline security operations.

Modern security teams are “paving the road�? for developers — enforcing code guardrails on every commit. r2c’s Semgrep can eliminate vulnerability classes organization-wide. Scale your security team with lightweight static analysis. Semgrep is a fast, open-source, static analysis tool that excels at expressing code standards — without complicated queries — and surfacing bugs early in the development flow. Precise rules look like the code you’re searching; no more traversing abstract syntax trees or wrestling with regexes. Start right away with 900+ rules and SaaS infrastructure to get fast results in your editor, at commit-time, or in CI. When off-the-shelf rules aren’t enough, quickly and intuitively write custom rules to express your unique code standards. Rules look like the code you’re searching. For example, rules for Go look like Go. Find function calls, class or method definitions, and more without having to understand abstract syntax trees or wrestle with regexes.

Highest rated DAST solution by an independent research firm three years in a row. Automatically assess modern web apps and APIs with fewer false positives and missed vulnerabilities. Fast-track fixes with rich reporting and integrations, and inform compliance and development stakeholders. Effectively manage the security assessment of your application portfolio, regardless of its size. Automatically crawl and assess web applications to identify vulnerabilities like SQL Injection, XSS, and CSRF. The modern UI and intuitive workflows built on the Insight platform make InsightAppSec easy to deploy, manage, and run. Scan applications hosted on closed networks with the optional on-premise engine. InsightAppSec assesses and reports on your web app's compliance to PCI-DSS, HIPAA, OWASP Top Ten, and other regulatory requirements.