Integrations

Skipfish is a web application security tool that prepares interactive sitemaps of targeted sites.

Snyk is a developer-first security company that helps organizations use open source and stay secure.  Snyk is the only solution that seamlessly and proactively finds and fixes vulnerabilities and license violations in open source dependencies and container images.

SonarQube is an automatic code review tool to detect bugs, vulnerabilities, and code smells in your code. It can integrate with your existing workflow to enable continuous code inspection across your project branches and pull requests.

Sonatype Nexus help organizations improve the quality, security, and speed of their software supply chains.

Tenable Nessus identifies network vulnerabilities and configurations, then prevents attacks on the network.

Tenable.sc discovers unknown assets and vulnerabilities, and monitors unexpected network changes before they turn into breaches.

Trustwave App Scanner Enterprise (Cenzic Hailstorm) automates the detection of security vulnerabilities in web applications and services with an emulated browser and mock attacks within its patented Hailstorm™ scanning engine.

Veracode Dynamic Analysis helps you scan your web applications for exploitable vulnerabilities at scale. With an ability to test thousands of applications simultaneously and a less than 1% false positive rate coupled with comprehensive remediation guidance, customers are able to rapidly reduce their risk of a breach across their web applications.

Veracode Software Composition Analysis detects open source vulnerabilities in the software development process with higher accuracy. Veracode SCA reduces false positives by prioritizing vulnerabilities in the execution path of the application. Its proprietary database contains significantly more vulnerabilities than the NVD because it datamines pull requests, bug reports, and release notes.

Veracode Static Analysis provides fast, automated security feedback to developers, conducts a full policy scan before deployment, and gives clear guidance on what issues to focus on and how to fix them faster. Results have high accuracy without manual tuning based on 10 trillion lines of code scanned through our SaaS-based engines.

Vex has been developed by the engineers with rich understanding of vulnerability testing and the scenario creation methods for accurately detecting vulnerabilities.

Virtual Forge CodeProfiler is an ABAP virtual firewall enforcing security, speed and quality from development, quality assurance and production.