Application Security reviews by real, verified users. Find unbiased ratings on user satisfaction, features, and price based on the most reviews available anywhere.
Consultants and organizations around the world use Nessus® Professional to reduce their IT attack surface and ensure compliance. Nessus features high-speed asset discovery, configuration auditing, target profiling, malware detection, sensitive data discovery and more. Nessus supports more technologies than competitive solutions, scanning operating systems, network devices, next generation firewalls, hypervisors, databases, web servers and critical infrastructure for vulnerabilities, threats and compliance violations. With the world’s largest continuously updated library of vulnerability and configuration checks, and the support of Tenable’s expert vulnerability research team, Nessus sets the standard for vulnerability scanning speed and accuracy.
IBM Security AppScan Standard protects against web application attacks and expensive data breaches by automating application security vulnerability testing. Avoid security vulnerabilities Use automated dynamic security testing and advanced static analysis – “black box” and “white box” – to detect developing security issues. Empower accurate scanning Scan websites to identify embedded vulnerabilities. Simplify interpretation of scan results with scan-specific explanations of each issue. Get quick remediation Fix high-priority problems first with streamlined remediation. Make fixes quickly with the provided remediation steps – including code examples and a task list.
Netsparker develops an industry leading automated web application security solution. Available as Windows software, online and on-premises service, the Netsparker scanner can automatically detect SQL Injection, Cross-site Scripting and other vulnerabilities in any type of modern HTML5, Single Page Application (SPA), Web 2.0 web application and web services, regardless of the technology they are built with. The Netsparker scanner does not just report the vulnerabilities, it also generates a proof of exploit confirming they are real and not false positives. Therefore you do not have to waste time manually verifying the scanner’s findings and can easily scale up web application security and scan thousands of websites within a matter of hours. Netsparker is trusted and used by world renowned companies such as Samsung, Ernst & Young, Skype, NASA, ISACA and ING Bank.
Checkmarx is the Software Exposure Platform for the enterprise. Over 1,400 organizations around the globe rely on Checkmarx to measure and manage software risk at the speed of DevOps. Checkmarx serves five of the world’s top 10 software vendors, four of the top American banks, and many government organizations and Fortune 500 enterprises, including SAP, Samsung, and Salesforce.com. Learn more at Checkmarx.com or follow us on Twitter: @checkmarx.
SiteLock, the global leader in website security solutions, is the only provider to offer complete, cloud-based website protection. Its 360-degree monitoring detects and fixes threats, prevents future attacks, accelerates website performance, and meets PCI compliance standards for businesses of all sizes. Founded in 2008, the company protects over 12 million websites worldwide. For more information, please visit sitelock.com.
Cloudbric is a cloud-based web security provider, offering an award-winning Web Application Firewall (WAF), DDoS protection, and SSL. Cloudbric offers security primarily to startup and SMB websites that lack cybersecurity experience or can't afford expensive IT security solutions. Cloudbric’s services are free for all websites with less than 4GB of bandwidth per month. We charge based on amount of web traffic, making Cloudbric perfect for SMEs and new startups. Our services are military-grade protection for the little guy.
The NGINX Application Platform is a suite of products that together form the core of what organizations need to create applications with performance, reliability, security, and scale. The NGINX Application Platform includes NGINX Plus for load balancing and application delivery, the NGINX WAF for security, and NGINX Unit to run the application code, all monitored and managed by the NGINX Controller. NGINX is the heart of the modern web — helping the world’s most innovative companies deliver their sites and applications with performance, reliability, security, and scale. The company offers an award-winning, comprehensive application delivery platform in use on more than 300 million sites worldwide. Companies around the world rely on NGINX to ensure flawless digital experiences through features such as advanced load balancing, web and mobile acceleration, security controls, application monitoring, and management. More than half of the Internet’s busiest websites rely on NGINX, including Airbnb, Box, Instagram, Netflix, Pinterest, SoundCloud, and Zappos. The company is headquartered in San Francisco, with its EMEA headquarters in Cork, Ireland and APAC headquarters in Singapore. Learn more at https://www.nginx.com/
Trend Micro IM Security provides threat and data protection for Microsoft Skype for Business servers. Top-rated malware and URL filtering block phishing messages and malicious file transfers. Built-in Data Loss Prevention (DLP) controls the sharing of sensitive data. Minimize risk exposure with messaging content filters that warn users of unprofessional behavior. This real-time security solution also helps avoid conflicts of interest with communication controls to enforce blocks or ethical walls.
Appknox is one of the enterprise level security assessment product that helps businesses and enterprises to detect, manage and fix security issues. Its been used by some of the top enterprises to secure more than 500 mobile apps on regular basis. Appknox is listed in one of the Gartner's top mobile app security testing vendors list. Working with more than 100 organizations globally Appknox has been focusing on niche area of mobile app security.
BitNinja is an easy-to-use server security tool, which can be installed on your server within a couple of minutes and requires virtually no maintenance. It is a mixture of an on-premise and cloudbased solution. It is an agent which sits on your infrastructure and sends the attack information to the central server which is in the cloud. We have a new technology called defence network, which means that every BitNinja protected server learns from each attack and shares the learned information with the central server and with all the other BitNinja enabled servers, so the shield just gets stronger and stronger with every single attack.
Detectify is a web security scanner that performs fully automated tests to identify security issues on your website. It checks for SQL injections, XSS and 700+ other vulnerabilities. This is included: - A scanner that checks your site for 700+ vulnerabilities - The latest security tests submitted by ethical hackers - Unlimited number of scans - An extensive knowledge base with over 100 remediation tips - Team functionality so that you can easily share reports - Integrations with popular tools like Slack, Jira and PagerDuty
WebInspect offers automated dynamic application security testing (DAST) and interactive application security testing (IAST) technologies that mimics real-world hacking techniques and attacks, provides comprehensive dynamic analysis of complex web applications and services, and crawls more of the attack surface to exposes exploits.
Powered by XGen security, Trend Micro Network Defense goes beyond next-gen IPS to provide a blend of cross-generational techniques that apply the right technology at the right time to deliver integrated detection and prevention of known, unknown and undisclosed threats.
Appsec Scale is an automated web application security testing solution. Its works with the same appsec engine as Outpost24's SWAT (the Secure Web Application Tactics) which means it always adapt itself to applications changes and new discovered threats. Appsec Scale test continuously the application but customers keep the control of the solution. Finally, Appsec Scale goes further than application testing and analyzes also the infrastructure. The solution can fit organizations of any size. It is Cloud-based (SaaS) so easy to deploy. But Application security teams are available 24/7 to support. Know more > https://outpost24.com/appsec-scale
Baffle's solution goes beyond simple encryption to truly close gaps in the data access model. The technology protects against some of the most recent high profile attacks. It's easy to deploy, requires no changes to the apps, and encrypts data at-rest, in use, in memory and in the search index. That’s complete data protection.
baramundi Management System (bMS) is a modular, scalable and highly cost-effective Unified Endpoint Management system for comprehensive IT management, security and workflow automation. Modules work together via a single database in a single user interface. Select any of 18 available modules now and add others as needed for OS Install & Cloning, Patch Management, Vulnerability Management, MDM, Remote Control, HW/SW Inventory, VM Management, SNMP Device Management, Application Control, Disaster Recovery, Personal Backup and more.
CAST Application Intelligence Platform (AIP) is an enterprise-grade software measurement and quality analysis solution designed to analyze multi-tiered, multi-technology applications for technical vulnerabilities and adherence to architectural and coding standards and then provide business relevant information to the IT organization through various dashboards and products built with end users in mind.
CA Veracode Greenlight brings security scanning right into your IDE as you are coding, returning most scans in seconds. Think of it as your own personal security coach, highlighting the parts of your code that are vulnerable, and providing helpful tips on how to fix it. Becoming a better developer starts with ensuring that you are committing code with the fewest security flaws possible.
CA Veracode's State of Software Security Report found that 88% of Java applications had at least one open sourced based vulnerability, one of which leaked the Social Security numbers of 143 million Americans. CA Veracode Software Composition Analysis (SCA) identifies risks from open source libraries early so you can reduce unplanned work, covering both security and license risk. SCA helps Engineering keep roadmaps on track, Security achieve regulatory compliance, and the Business make smart decisions
CA Veracode Vendor Application Security Testing (VAST) provides a scalable program for managing third-party software risk. Build your program based on a decade’s worth of best practices to ensure success and see a simple pass or fail for each vendor application. Because CA Veracode scans binaries rather than source code, vendors will be more comfortable with the assessments because they don't have to disclose their intellectual property. With CA Veracode, you can scale your program without adding specialized headcount and manage the entire program on a single platform
CA Veracode Web Application Scanning (WAS) offers a unified solution to find, secure, and monitor all of your web applications – not just the ones you know about. First, CA Veracode discovers and inventories all of your external web applications, then performs a lightweight scan on thousands of sites in parallel to find critical vulnerabilities and helps you prioritize your biggest risks. As a second step, you can run authenticated scans on critical applications to systematically reduce risk while continuously monitoring your security posture as part of the SDLC. CA Veracode offers multiple scanning technologies on a single platform, so you get unified results, analytics, and increased accuracy
Code Dx’s automated application vulnerability correlation shaves weeks off that process so you can get right to fixing your code. Its vulnerability management lets you quickly prioritize vulnerabilities (to fix the most important ones first), track progress of their remediation, and observe how your code's security changes over time.
Deepfence provides application layer intrusion prevention for modern workloads. Deepfence's Security as a Microservice gets deployed as a lightweight sidecar container on every host, and can be scaled and orchestrated in exactly the same manner as your other containers.
Enterprise Threat Protector (ETP) enables security teams to proactively identify, block, and mitigate targeted threats such as malware, ransomware, phishing, and data exfiltration that exploit the Domain Name System (DNS). Powered by real-time intelligence from Akamai Cloud Security Intelligence and Akamai's proven, globally distributed recursive DNS platform, Enterprise Threat Protector efficiently delivers security, control, and visibility to the enterprise while easily integrating with your existing network defenses.
Our SaaS Vulnerability Scanner accumulates the power of software discovery that runs against your Internet facing hosts and vulnerability intelligence. We use passive fingerprinting techniques to detect software and its version, running on a particular port, as well as supported functionality. This approach allows us to reliably detect and report critical vulnerabilities, misconfigured services or dangerous applications facing the Internet within your infrastructure. Furthermore, your systems will not suffer service disruptions during vulnerability scans as our passive fingerprinting techniques do not require usage of dangerous exploits. During the scan we will not trigger memory corruption, excessive resources consumption or assertion failures and still will be able to detect if your service is vulnerable to such threats.
Trend Micro PortalProtect secures collaborations with a dedicated layer of protection that guards against malware, malicious links, and other threats that SharePoint administrators are often unaware of. Its web reputation technology blocks malicious links from entering web portals, while its powerful content filtering scans both files and web components of SharePoint.
Prey is a cross-platform anti-theft and management solution for laptops, tablets and phones used to protect over 8 million devices, all around the world. Its solid tracking technology helps people and companies keep track of their assets 24/7, and proves to be crucial in the recovery of stolen devices and in the prevention of data breaches. What can you do with Prey anti-theft: MONITOR EFFICIENTLY Global view with location history to keep an eye on all devices, plus Control Zones to delimit areas on a map, like an office, and receive alerts if any assigned device moves in or out. MITIGATE DATA LOSS Data protection features provide the chance to avoid leaks by wiping custom directories remotely or retrieving files from compromised devices with corporate information. PREVENT THEFT Prey’s Missing Evidence reports will provide location, pictures, nearby Wifi networks and more data crucial when retrieving stolen devices and finding the culprit. MANAGE EFFORTLESSLY Smoothly manage thousands of devices by categorizing them with labels and perform bulk tasks with ease using Mass Actions: Alarm, Lock, Message Alerts, Wipe. INTEGRATE YOUR FLEET Organize devices from all types and operating systems under a single platform. Android, Windows, Linux, Chromebook, iOS, macOS, laptops, tablets, and mobiles, we got it. TRACKING CAPABILITIES ► Control Zones: Mark an area on a map, and get alerts when your mobile devices enter or leave it. ► Missing Device Reports: Receive evidence reports with location, nearby networks, pictures, and everything else you need to locate a device. ► GPS Geolocation: Pin-point accuracy reflected on a map, with gps coordinates on each report. ► Aware Tracking: Select between a smart and automatic periodic location tracking, or the on-demand alternative. ► Security Alarm: It will ring like gangbusters, even if your android phone's sound is silenced. ► Re Lock: Keep curious hands away from your lost mobile device, block it remotely. ► Front and Back Camera: Take silent snaps and discover who is holding your device. ► Security Camouflage: Go silent with the camouflage mode, hide the app on your android phone. ► Security Message Alert: Display a message on the screen to contact the current user. ► Location History: DATA PROTECTION ► Wipe: Boom, gone. Simply select what you want to delete, and safeguard your privacy. ► File Retrieval: That document you worked on for countless nights? We can retrieve it. DEVICE MANAGEMENT: ► Group Labelling: Create custom labels and group devices according to users, status, or area. ► Advanced Search: Filter the devices you are looking for with our advanced search system. ► Custom APK: Deploy and configure Prey with ease using customized installers. ► Mass Actions: All security actions can be deployed in mass to ensure smooth large-scale management.
Probe.ly finds vulnerabilities or security issues in web applications and provides guidance on how to fix them. Probe.ly was built having developers in mind. Despite its sleek and intuitive web interface, Probe.ly follows an API-First development approach, providing all features through an API.
ProfileUnityUser Environment Management ends the need for roaming profiles or basic profile tools. The solution supports zero downtime user migrations to Windows 10, and Server 2016, and to DaaS platforms such as Amazon WorkSpaces, Citrix Desktops on Azure, VMware Horizon hosted desktops, or Microsoft RDS & RDMI
SD Elements is an award-winning platform that translates policies to prescriptive, measurable procedures that are used by IT and Engineering teams to achieve their security and compliance objectives. SD Elements generates and tracks granular controls with a flexible rule- based engine and integrates those controls into ALMs and enterprise workflows used by development teams, including those leveraging DevOps. SD Elements also delivers Just-In-Time training to developers, providing concise, contextual guidance on how to implement controls right when they need it.
Runtime Application Self-Protection (RASP) solution for developers. It protects applications and users against attacks at runtime. The protection logic is brought into applications with no source code modification or traffic redirection. Once deployed, Sqreen provides real-time protection against a large set of vulnerabilities incl. SQL injections, XSS, account takeovers, Security bots/scanners etc. It will detect suspicious user activities like: attacks performed by connected users, tor connections, shared accounts, lost passwords etc. Sqreen gets installed in 30 seconds and doesn’t require any configuration or maintenance.
Wallarm is an AI-powered application security solution for the teams launching new modular software services or upgrading their existing web applications to a new stack. Wallarm includes an adaptive Next Gen WAF, attack sandboxing, vulnerability scanner and development time testing modules.