Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Find secrets with Gitleaks 🔑

Find, verify, and analyze leaked credentials

World's most advanced database DevSecOps solution for Developer, Security, DBA and Platform Engineering teams. The GitHub/GitLab for database DevSecOps.

Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.

Zero-ETL, infinite possibilities. Live query APIs, code & more with SQL. No DB required.

Tfsec is now part of Trivy

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

🔓 🔓 Find secrets and passwords in container images and file systems 🔓 🔓

ContainerSSH: Launch containers on demand

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

♾️ Collection and Roadmap for everyone who wants DevSecOps. Hope your DevOps are more safe 😎

🔍🔍 Malware scanner for cloud-native, as part of CI/CD and at Runtime 🔍🔍

🧵 CLI tool for directly patching container images!

OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.

kube-scan: Octarine k8s cluster risk assessment tool

Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets

An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.

Query, provision and operate Cloud and SaaS resources and APIs using an extensible SQL based framework