Integrate Your Scanners with ThreadFix

Hewlett_Packard_Enterprise_logo.svg

HPE Security Fortify SCA Integration

Maximize your investment in HP Fortify by integrating with ThreadFix to import and merge scan results and schedule regular scans.

Learn More

Hewlett_Packard_Enterprise_logo.svg

HPE Security WebInspect Integration

Use HP WebInspect with ThreadFix to merge and track SAST and DAST scan results.

Learn More

ibm-4q-2014-logo.com

IBM AppScan Standard Integration

ThreadFix allows IBM AppScan users to import and track AppScan DAST results and merge DAST and SAST scan results.

Learn More

logo-netsparker-lg

Netsparker Integration

Import and track Netsparker DAST results and merge DAST and SAST scan results with the ThreadFix NetSparker integration.

Learn More

owasp_zap_logo

OWASP ZAP Integration

Import scan results, merge them with other scanning results and track the results of scans over time using ThreadFix’s OWASP ZAP integration.

Learn More

ThreadFix Scanner Integrations

logo-acunetix

Acunetix Web Vulnerability Scanner is an automated web application security testing tool that audits web applications by checking for vulnerabilities accessible via web browser.

logo-arachni

Arachni is a Ruby framework that helps penetration testers and administrators gauge web application security.

logo-barracuda

Barracuda Vulnerability Manager is a free service that detects web application vulnerabilities and helps you remediate them automatically.

logo-black-duck

Black Duck integrates with ThreadFix to automatically scan, identify and inventory open source software, allowing you to understand license obligations, conflicts and risks.

logo-brakeman

Brakeman is an open source static analysis vulnerability scanner tailored for Ruby on Rails applications designed to spot security vulnerabilities.

Logo_Horizontal__RGB no tagline_no shadow

Checkmarx’s CxSAST is a tool that discovers and documents application layer security vulnerabilities.

contrastsecurityIAST

Contrast IAST Scanner Integration uses sensors to passively monitor the behavior of applications and discover vulnerabilities quickly and accurately.

logo-buggy

FindBugs is a static analysis open source program that detects bugs in Java code.

ibm-4q-2014-logo.com

IBM AppScan Enterprise mitigates application security risk, strengthen application security program management initiatives and achieve regulatory compliance.

ibm-4q-2014-logo.com

IBM AppScan Source identifies web-based and mobile application source code vulnerabilities early in the software development cycle, so they can be fixed before deployment.

owasp_logo

OWASP Dependency Check identifies project dependencies and checks if there are any known, publicly disclosed, vulnerabilities.

logo-irhvsiga

Portswigger BurpSuite Pro is a testing platform that maps and analyzes an applications attack surface then discovers and exploits security vulnerabilities.

logo-qualys

Qualys Web Application Scanning (WAS) is an automated service that performs regular testing of web applications with automated crawling that scales and minimizes false positives.

logo-rapid7

Rapid7 AppSpider (NTOSpider) creates custom attacks based on the architecture of your specific application to provide the most accurate testing results.

logo-skipfish

Skipfish is a web application security tool that prepares interactive sitemaps of targeted sites.

sonatype_logo_whiteBG

Sonatype Nexus help organizations improve the quality, security, and speed of their software supply chains.

logo-tenable

Tenable Nessus identifies network vulnerabilities and configurations, then prevents attacks on the network.

logo-trustwave

Trustwave App Scanner Enterprise (Cenzic Hailstorm) automates the detection of security vulnerabilities in web applications and services with an emulated browser and mock attacks within its patented Hailstorm™ scanning engine.

logo-veracode

Veracode Binary Static Analysis (SAST) platform performs analysis of code and third party components without the upload of source code.

logo-veracode

Veracode Dynamic Analysis (DAST) platform employs DynamicDS (Deep Scan) and Virtual Scan Appliance (VSA) to perform scans of web applications with and without authentication and behind the firewall.

logo-virtual-forge

Virtual Forge CodeProfiler is an ABAP virtual firewall enforcing security, speed and quality from development, quality assurance and production.

logo-w3af

W3AF detects web application vulnerabilities and provides tools for penetration testing efforts with specially crafted HTTP requests.

logo-whitehat

WhiteHat Security Sentinel Dynamic Analysis accurately identifies and verifies vulnerabilities in your websites and web applications. 

logo-whitehat

WhiteHat Security Sentinel Static Analysis scans your entire source code, identifies vulnerabilities and provides detailed vulnerability descriptions and remediation advice.

Take ThreadFix for a test drive.

DOWNLOAD A TRIAL