Alternatives to Gecko Security
Compare Gecko Security alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to Gecko Security in 2025. Compare features, ratings, user reviews, pricing, and more from Gecko Security competitors and alternatives in order to make an informed decision for your business.
-
1
Aikido Security
Aikido Security
Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks to: - False-positive reduction - AI Autotriage & AI Autofix - Deep integration into the dev workflow (from IDEs and task managers to CI/CD gating) - Automated Compliance Aikido’s covers the entire Software Development Lifecycle (SDLC), including: static application security testing (SAST), dynamic application security testing (DAST), infrastructure-as-code (IaC), container scanning, secrets detection, open source license scanning (SCA), cloud posture management (CSPM), runtime protection, and more. -
2
Kiuwan Code Security
Kiuwan
Security Solutions For Your DevOps Process. Automatically scan your code to identify and remediate vulnerabilities. Compliant with the most stringent security standards, such as OWASP and CWE, Kiuwan Code Security covers all important languages and integrates with leading DevOps tools. Effective static application security testing and source code analysis, with affordable solutions for teams of all sizes. Kiuwan includes a variety of essential functionality in a single platform that can be integrated directly into your internal development infrastructure. Fast Vulnerability Detection: Easy and instant setup. Start scanning and get results in just minutes. DevOps Approach To Code Security: Integrate Kiuwan with your Ci/CD/DevOps pipeline to automate your security process. Flexible Licensing Options: Plenty of options, one time scans or continuous scanning. Kiuwan also offers a Saas or On-Premise model. -
3
Acunetix
Invicti Security
As the market leader in automated web application security testing, Acunetix by Invicti is the go-to security tool for Fortune 500 companies. DevSecOps teams can cut through the noise to uncover unseen risks and mitigate dangerous exploits, detecting and reporting on a wide array of vulnerabilities. With an industry-leading crawler that fully supports HTML5, JavaScript, and Single-page applications, Acunetix enables the auditing of complex, authenticated applications for deeper insight into an organization's risk posture. It's a leader for a reason: the technology behind Acunetix delivers the only product on the market that can automatically detect out-of-band vulnerabilities to enable comprehensive management, prioritization, and control for vulnerability threats by criticality. Plus, it's available both online and as an on-prem solution, integrating with popular issue trackers and WAFs so that DevSecOps teams don't have to slow down when building innovative apps. -
4
Invicti
Invicti Security
Application security is noisy and overly complicated. The good news: you can relieve that unnecessary noise and dramatically reduce your risk of attacks with Invicti. Keeping up with security is more manageable with accurate, automated testing that scales as your needs shift and grow. That's where Invicti shines. With a leading dynamic application security testing solution (DAST), Invicti helps teams automate security tasks and save hundreds of hours each month by identifying the vulnerabilities that really matter. Combining dynamic with interactive testing (DAST + IAST) and software composition analysis (SCA), Invicti scans every corner of an app to find what other tools miss. With asset discovery, it's easier to discover all web assets — even ones that are lost, forgotten, or created by rogue departments. Through tried-and-true methods, Invicti helps DevSecOps teams get ahead of their workloads to hit critical deadlines, improve processes, and communicate more effectively. -
5
GlitchSecure
GlitchSecure
Continuous Security Testing for SaaS Companies - Built by Hackers Automatically assess your security posture with continuous vulnerability assessments and on-demand pentests. Hackers don't stop testing, and neither should you. We use a hybrid approach that combines testing methodologies built by expert hackers, a real-time reporting dashboard, and continuous delivery of high-quality results. We improve the traditional pentesting lifecycle by continually providing expert advice, remediation verification, and automated security testing throughout the entire year. Our dedicated team of experts works with you to properly scope and review your applications, APIs, and networks to ensure in-depth testing coverage all year. Let us help you sleep better at night.Starting Price: $6,600 per year -
6
Hacker AI
Hacker AI
Hacker AI is an artificial intelligence system that scans source code to identify potential security weaknesses that may be exploited by hackers or malicious actors. By identifying these vulnerabilities, organizations can take steps to fix the issues and prevent security breaches. Hacker AI is created by a French company based in Toulouse that uses a GPT-3 model. Please compress your project source code into a single Zip archive and upload it. Check your email, as you will receive the vulnerability detection report within 10 minutes. The Hacker AI is in the beta phase and the results it provides are not useful without the guidance of a cybersecurity expert with a background in code analysis. We do not sell or use your code source for malicious purposes. It is strictly used for the detection of vulnerabilities. If necessary, you can request a dedicated non-disclosure agreement (NDA) from us. You can also request a private instance.Starting Price: Free -
7
ObjectSecurity BinLens
ObjectSecurity
Conventional cybersecurity approaches are insufficient to protect today’s IT/OT/ICS software and devices. SBOM generation is limited to detecting only known vulnerabilities in published software. Source code analysis and static application security testing (SAST) produce too many false-positives, slowing down remediation. Network scanning fails in cases where devices are not connected to the network. Unlock deeper security insights with BinLens™— your all-in-one solution for advanced binary analysis. BinLens™ (formerly ObjectSecurity OT.AI Platform) uses an integrated approach, combining multiple techniques to uncover potential zero-days with unmatched precision. Powered by automated symbolic execution, it excels at detecting memory-safety violations and other undefined behaviors in binary programs, delivering a dramatically lower false-positive rate than competing tools. BinLens™ automates key manual reverse engineering tasks like static analysis, disassembly, and decompilation. -
8
ZeroPath
ZeroPath
ZeroPath is an AI-powered security platform designed to provide developers with effortless application security. By integrating seamlessly with existing CI/CD pipelines, ZeroPath enables continuous, human-level application security and pull request (PR) reviews. The platform's AI-driven code vulnerability scanning identifies and addresses issues such as broken authentication, logic bugs, and outdated dependencies. ZeroPath's methodology includes installing their GitHub app, which supports GitHub, GitLab, and BitBucket, to facilitate quick setup. The platform excels in detecting complex vulnerabilities that other scanners may overlook, offering faster security checks with fewer false positives. Instead of merely reporting bugs, ZeroPath issues PRs with patches when confident they won't disrupt the application, reducing noise and backlog growth. The platform's features encompass Static Application Security Testing (SAST), and detection of broken authentication and business logic flaws. -
9
DigitSec S4
DigitSec
S4 establishes Salesforce DevSecOps in the CI/CD pipeline in under an hour. S4 empowers developers to find & fix vulnerabilities before production where they can lead to a data breach. Securing Salesforce during development reduces risk and accelerates the pace of deployment. S4 for Salesforce™, our patented SaaS Security Scanner™, automatically assesses Salesforce security posture with its full-spectrum continuous application security testing (CAST) platform purpose-built to detect Salesforce vulnerabilities with its four integrated scans for fast and effortless detection. Static Source Code Analysis (SAST), Interactive Runtime Testing (IAST), Software Composition Analysis (SCA), and Cloud Security Configuration Review. Our static application security testing (SAST) engine is a core feature of S4, providing automated scanning and analysis of all custom source code in your Salesforce Org including Apex, VisualForce, Lightning Web Components, and related-JavaScript. -
10
Cyber Chief
Cyber Chief
The best way to keep hackers out is to first understand the security vulnerabilities they see in your software and network infrastructure. Thankfully, not only can Cyber Chief show you the vulnerabilities that hackers will exploit, it will show your developers how those vulnerabilities should be fixed. You can help your development team build the in-house capability you need to ensure your SaaS application has near zero security holes at every release. With Cyber Chief's on-demand vulnerability testing and best-practice, but easy-to-implement vulnerability fixes, your team will take control of securing your application. SaaS teams often put off application security activities because of a perception that it slows them down. Cyber Chief now helps you shift left with AppSec and turn it into smaller, more manageable chunks of work. This helps you ship new products & features as fast as ever, but with the extra advantage of added security.Starting Price: $96 per month -
11
PT Application Inspector
Positive Technologies
PT Application Inspector is the only source code analyzer providing high-quality analysis and convenient tools to automatically confirm vulnerabilities — significantly speeding up the work with reports and simplifying teamwork between security specialists and developers. The combination of static, dynamic, and interactive application security testing (SAST + DAST + IAST) delivers unparalleled results. PT Application Inspector pinpoints only real vulnerabilities so you can focus on the problems that actually matter. Accurate detection, automatic vulnerability verification, filtering, incremental scanning, and an interactive data flow diagram (DFD) for each vulnerability are special features that make remediation so much quicker. Minimize vulnerabilities in the final product and the costs of fixing them. Perform analysis at the earliest stages of software development. -
12
Inspectiv
Inspectiv
Identify complex security vulnerabilities and sensitive data exposures to reduce risk of security incidents and provide assurance to your customers. Bad actors are constantly finding new ways to compromise companies' systems, and new vulnerabilities are reintroduced every time a company pushes new code/product. Inspectiv's vigilant security researchers ensure your security testing evolves as the security landscape evolves. Fixing web and mobile application security vulnerabilities can be challenging, but the right guidance can help expedite remediation. Inspectiv simplifies the process of receiving and escalating vulnerability disclosures, and provides your team with clear, concise, and actionable vulnerability reports. Each vulnerability report demonstrates impact and provides clear remediation steps. Reports provide high level translation of risk to execs, detail to your engineers, and auditable references that integrate with ticketing systems. -
13
Comodo HackerProof
Comodo
Comodo revolutionizes the way you test your website's security. Learn more about this innovative technology to protect your visitors, only available through Comodo. Comodo's exclusive Corner of Trust technology ensures consistent placement of the HackerProof TrustLogo® throughout your website. The Comodo HackerProof exclusive Point to Verify technology invites more interaction, building trust for your web site. Comodo's exclusive, patent pending technologies enable you to present your credentials on your website instead of navigating off to a vendor site and potentially losing sales. Not vulnerable to popup blockers -- Comodo's patent-pending technology uses rollover functionality to show visitors that your site is, in fact, trusted. Not Self-Promoting - Unlike other vendors, Comodo does not intrude on your website visitors to take other actions and potentially steal your valuable business. -
14
StackHawk
StackHawk
StackHawk tests your running applications, services, and APIs for security vulnerabilities that your team has introduced as well as exploitable open source security bugs. Automated test suites in CI/CD are the norm for today’s engineering teams. Why should application security be any different? StackHawk is built to check for vulnerabilities in your pipeline. Built for developers is more than a tagline. It is the ethos of StackHawk. Application security has shifted left and developers need a tool for reviewing and fixing security findings. With StackHawk, application security can keep up with the pace of today’s engineering teams. Find vulnerabilities at the pull request and quickly push out fixes, all while yesterday’s security tools are waiting for someone to kick off a manual scan. A security tool that developers love to use, powered by the world’s most widely used open source security scanner.Starting Price: $99 per month -
15
EnProbe
Entersoft Security
Revolutionize your security strategy with the world's most advanced cybersecurity and application security product - engineered for the challenges of today and the future. Accessibility is one of the most celebrated characteristics of cloud computing, however, it also lays claim to its greatest vulnerability. With the Cloud, our data has the potential to be accessed from any device, at any time and from any place. This opens up numerous possibilities for hackers to recognize vulnerabilities before successfully taking advantage of them. EnProbe is a lightning fast, cloud based vulnerability assessment tool designed to help developers, entrepreneurs and administrators identify security vulnerabilities in their website. -
16
Coana
Socket
Traditional SCA tools do not distinguish between exploitable and unexploitable vulnerabilities. As a consequence, up to 95% of the vulnerabilities that developers are remediating 'are irrelevant and can be safely ignored. Coana employs reachability analysis to eliminate up to 95% false positives. As a consequence, developers only need to remediate the remaining few vulnerabilities that are relevant. With up to 95% of vulnerabilities being unreachable, you save time and resources by focusing only on the remaining few that pose a real threat. Pinpoint the exact locations in your code affected by reachable vulnerabilities. See exactly which dependency updates are necessary to remediate reachable vulnerabilities. Identify reachable vulnerabilities in both direct and indirect dependencies.Starting Price: $20 per user per month -
17
Pentest-Tools.com
Pentest-Tools.com
Pentest-Tools.com is built for actual security testing, not just detection. We provide the coverage, consolidation, and automation security teams need to optimize vulnerability assessment workflows. And we ensure the depth, control, and customization on which professional pentesters count to increase engagement quality and profitability. ✔️ Comprehensive toolkit with real-world coverage ✔️ Validated findings rich with evidence ✔️ Automation options with granular control ✔️ Flexible, high-quality reporting ✔️ Workflow-friendly by design Optimize and scale pentesting and vulnerability assessment workflows - without sacrificing accuracy, control, or manual testing depth. We launched Pentest-Tools.com in 2013 as a team of professional pentesters - and we've kept that mindset ever since. Our experts still drive product development today, focusing relentlessly on accuracy, speed, and control.Starting Price: $95 per month -
18
beSECURE
Beyond Security (Fortra)
A flexible, accurate, low maintenance Vulnerability Assessment and Management solution that delivers solid security improvements. Designed to get you the most accurate and fastest possible improvement in network security customized for your organization’s needs. Continually scan for network and application vulnerabilities. Daily updates and specialized testing methodologies to catch 99.99% of detectable vulnerabilities. Data driven, flexible reporting options to empower remediation teams. *Bug bounty program* for any discovered proven false positives! Complete organizational control. -
19
Hakware Archangel
Hakware
Hakware Archangel is an Artificial Intelligence based vulnerability scanner and pentesting tool. Archangel scanner enables organizations to monitor their networks, systems, and applications for security vulnerabilities with advanced Artificial intelligence continuously testing your environment. Why use Archangel? -Identify vulnerabilities before cyber criminals do -Our vulnerability scanning mitigates the risks of a data breach, which will come with a range of costs, including remediation, the loss of customers as a result of reputational damage and fines -Vulnerability scanning is not explicitly required by the GDPR (General Data Protection Regulation) or POPI (Protection Of Personal Information Act), but the -Regulation does require organisations that process personal data to ensure that they have implemented appropriate technical and organisational security measures – which includes identifying vulnerabilities -The international standard for information security, ISO 27001Starting Price: $100 -
20
Hacker Target
Hacker Target
Simplify the security assessment process with hosted vulnerability scanners. From attack surface discovery to vulnerability identification, actionable network intelligence for IT & security operations. Proactively hunt for security weakness. Pivot from attack surface discovery to vulnerability identification. Find security holes with trusted open source tools. Get access to tools used by penetration testers and security professionals around the world. Hunt vulnerabilities from the attackers perspective. Simulating real world security events, testing vulnerabilities and incident response. Discover the attack surface with tools and open source intelligence. Protect your network with improved visibility. Over 1 million scans performed last year. Our vulnerability scanners have been launching packets since 2007. Fixing security issues requires you find them. Identify the issue, re-mediate the risk and test again to be sure.Starting Price: $10 per month -
21
Strobes RBVM
Strobes Security
Strobes RBVM simplifies vulnerability management with its all-in-one platform, streamlining the process of identifying, prioritizing, and mitigating vulnerability risks across various attack vectors. Through seamless automation, integration, and comprehensive reporting, organizations can proactively enhance their cybersecurity posture. Integrate multiple security scanners, threat intel, & IT ops tools to aggregate thousands of vulnerabilities but only end up patching the most important ones by using our advanced prioritization techniques. Strobes Risk Based Vulnerability Management software goes beyond the capabilities of a standalone vulnerability scanner by aggregating from multiple sources, correlating with threat intel data and prioritising issues automatically. Being vendor agnostic we currently support 50+ vendors to give you an extensive view of your vulnerability landscape within Strobes itself.Starting Price: $999 -
22
Suavei
Suavei
Suavei Internet Security. Intelligent Threat Management for IoT. We detect your vulnerabilities before hackers do. Today, computer networks have open backdoors everywhere — especially in remote locations — even though a lot of capital is being spent in ineffective, time- and resource-consuming tools and processes to protect them. The number of attached network devices is exploding and each one of them has the potential to undermine even the most rigorous network security practices. Most enterprises have no visibility into 80% of the devices attached to their networks. Current cybersecurity products are clearly not sufficient to curb the increasing threats, in great part because they use old, static, techniques that are outdated and ineffective. In essence, Suavei was borne out of 3 fundamental issues we identified in other active vulnerability scanning products: They don’t identify the devices accurately and reliably. They can’t handle slow network environments. -
23
SiteLock
SiteLock
We secure websites by automatically finding and fixing threats. Automatically protect your website, reputation, and visitors against cyberthreats. Comprehensive website security software protects your website from malicious cyber threats. This includes the protection of your site code and web applications. Depending on your website security package, you’ll receive daily website scans, automated malware removal, and vulnerability/CMS patching, as well as a web application firewall to block harmful traffic before it ever reaches your site. Our website security scan instantly checks your website from malware, viruses and other cyber threats and alerts you to found issues. Detect and automatically remove malicious content from your website, creating a safe experience for your customers. Easily check for website vulnerabilities in your CMS with our vulnerability scanner before they are exploited. -
24
Vulkyrie
Vulkyrie
More than 100,000 vulnerabilities were reported for commonly used software over the last five years. In 2019 alone, more than 22,000 were reported and 1 out of 3 was given a High or Critical severity rating. Our free vulnerability scanning can help find your security issues before the bad guys do. Our Free plan comes with no limits on the number of IP addresses and URLs, and no limits on the number of vulnerability scans you can run. Unlike free trials, free versions or community editions of other vulnerability assessment tools, you no longer have to choose between your web servers, Windows servers, network devices or virtual machines. Take the first step towards better vulnerability management without the complexity and steep learning curve. Our web-based solution provides you with an easy-to-use interface to manage your security testing. Simply add your IP address or URL to start a scan and use our portal to get the issues and recommended security measures.Starting Price: $99 per month -
25
Outpost24
Outpost24
Understand your attack surface with a unified view and reduce cyber exposure from an attacker’s view with continuous security testing across networks, devices, applications, clouds and containers. Having more information alone won’t help you. Even the most experienced security team can be blindsided by the sheer amount of alerts and vulnerabilities they have to deal with. Powered by threat intelligence and machine learning our tools provide risk-based insights to help prioritize remediation and reduce time to patch. Our predictive risk based vulnerability management tools ensure your network security is proactive – helping you reduce time to remediation and patch more effectively. The industry’s most complete process to continuously identify application flaws and secure your SDLC for safer and faster software releases. Secure your cloud migration with cloud workload analytics ,CIS configuration assessment and contain inspection for multi and hybrid clouds. -
26
Bytesafe
Bitfront
Increase your open source security posture with automated best practices, with a unified workflow for security and developer teams. The cloud-native security platform reduces risk and protects revenue, without slowing down developers. The dependency firewall quarantines malicious open source before reaching developers and infrastructure, protecting data, assets, and company reputation. Our policy engine evaluates threat signals such as known vulnerabilities, license information, and customer-defined rules. Having insight into what open-source components are used in applications is crucial to avoid exploitable vulnerabilities. Software Composition Analysis (SCA) and dashboard reporting give stakeholders a holistic overview with immediate insights into the current situation. Discover when new open-source licenses are introduced in the codebase. Automatically track license compliance issues and restrict problematic or unlicensed packages.Starting Price: €1100 per month -
27
Trivy
Aqua Security
Trivy is a comprehensive and versatile security scanner. Trivy has scanners that look for security issues, and targets where it can find those issues. Trivy supports the most popular programming languages, operating systems, and platforms. Trivy is available in the most common distribution channels. Trivy is integrated with many popular platforms and applications. Trivy is integrated into many popular tools and applications so that you can easily add security to your workflow. Find vulnerabilities, misconfigurations, secrets, and SBOM in containers, Kubernetes, code repositories, clouds, and more.Starting Price: Free -
28
Scuba Database Vulnerability Scanner. Download Scuba, a free tool that uncovers hidden security risks. Scan enterprise databases for vulnerabilities and misconfiguration. Know the risks to your databases. Get recommendations on how to mitigate identified issues. Available for Windows, Mac, Linux (x32), and Linux (x64), Scuba offers over 2,300 assessment tests for Oracle, Microsoft SQL, SAP Sybase, IBM DB2 and MySQL. Scuba is a free tool that scans leading enterprise databases for security vulnerabilities and configuration flaws, including patch levels, that allows you to uncover potential database security risks. It includes more than 2,300 assessment tests for Oracle, Microsoft SQL Server, SAP Sybase, IBM DB2 and MySQL. It’s possible to run a Scuba scan from any Windows, Mac or Linux client. Depending on your database size, users, groups and network connection, an average Scuba scan normally takes 2-3 minutes. No pre-installation or other dependencies are required.
-
29
DefectDojo
10Security
Take DefectDojo for a spin and review the demo of DefectDojo and login with sample credentials. DefectDojo is available on Github and has a setup script for easy installation. A docker container with a pre-built version of DefectDojo is available. Know exactly when new vulnerabilities are introduced in a build or remediated. Tracking when a product is assessed is easily accomplished using DefectDojo's API to track security tests that are run on each build. DefectDojo has the ability to track the build-id, commit hash, branch or tag, orchestration server, source code repo, and build server for every on-demand security test. Various reports are available for tests, engagements, and products. Products can be grouped into critical products to track products that are critical to your organization. Similar findings can be easily merged into one finding to provide developers one finding instead of multiple findings. -
30
OpenAI Codex
OpenAI
OpenAI Codex is an advanced AI coding tool designed to assist software developers by automating many tasks in their coding workflow. It allows users to delegate tasks such as writing features, answering codebase questions, running tests, and proposing pull requests (PRs) for review. Codex works in parallel, handling multiple tasks simultaneously in secure cloud sandboxes preloaded with your repository. This tool helps developers move through their backlog faster and more efficiently, making it an invaluable asset for teams looking to streamline their development process. -
31
XBOW
XBOW
XBOW is an AI-powered offensive security platform that autonomously discovers, verifies, and exploits vulnerabilities in web applications without human intervention. By executing high-level commands against benchmark descriptions and reviewing outputs it solves a wide array of challenges, from CBC padding oracle and IDOR attacks to remote code execution, blind SQL injection, SSTI bypasses, and cryptographic exploits, achieving success rates up to 75 percent on standard web security benchmarks. Given only general instructions, XBOW orchestrates reconnaissance, exploit development, debugging, and server-side analysis, drawing on public exploits and source code to craft custom proofs-of-concept, validate attack vectors, and generate detailed exploit traces with full audit trails. Its ability to adapt to novel and modified benchmarks demonstrates robust scalability and continuous learning, dramatically accelerating penetration-testing workflows. -
32
Data Theorem
Data Theorem
Inventory your apps, APIs, and shadow assets across your global, multi-cloud environment. Establish custom policies for different types of asset groups, automate attack tools, and assess vulnerabilities. Fix security issues before going into production, making sure application and cloud data is compliant. Auto-remediation of vulnerabilities with rollback options to stop leaky data. Good security finds problems fast, but great security makes problems disappear. Data Theorem strives to make great products that automate the most challenging areas of modern application security. The core of Data Theorem is its Analyzer Engine. Utilize the Data Theorem analyzer engine & proprietary attack tools to hack and exploit application weaknesses continuously. Data Theorem has built the top open source SDK called TrustKit, used by thousands of developers. Our technology ecosystem continues to grow so that customers can continue to secure their entire Appsec stack with ease. -
33
Indusface WAS
Indusface
Get the most comprehensive application security audit done today. Indusface WAS with its automated scans & manual pen-testing ensures none of the OWASP Top10, business logic vulnerabilities and malware go unnoticed. With zero false positive guarantee and comprehensive report with remediation guidance, Indusface web app scanning ensures developers quickly fixes vulnerabilities. The proprietary scanner built ground up, keeping js framework driven, single page applications in mind to provide complete & intelligent crawling. With latest threat intelligence, get extensive web app scanning for vulnerabilities, and malware. Support on a functional understanding of logical flaws for an in-depth security audit.Starting Price: $49 per month -
34
Workik
Workik
Workik's AI code generator is a versatile tool that streamlines software development by automating code generation, debugging, testing, and migration across various programming languages and frameworks. It offers features such as instant code generation, customizable context integration (like APIs, libraries, codebases, and database schemas), cross-language code support, and seamless integration with popular EHR systems. Designed to enhance productivity, Workik integrates effortlessly with existing workflows, ensuring minimal disruption. Workik is HIPAA-compliant, safeguarding patient data with industry-leading security measures. Workik allows you to pre-define the context and behavior of the AI engine. You can customize the AI's responses based on your programming style, database architecture, and project-specific needs. Workik's context-setting feature allows users to add their existing codebase context and continue their development.Starting Price: $15 per month -
35
QuickPatch+
Imunify360
Vulnerability scanner for Plesk that provides reliability, configuration recommendations and automatic fixes for servers running Plesk control panel. Quick Patch+: Analyzes your server configuration and allows you to select and fix vulnerabilities from within the UI; Allows you to configure the automatic daily fix of all vulnerabilities, or only critical ones; Provides email and dashboard notifications for automatically fixed vulnerabilities and newly discovered critical vulnerabilities. If your website or web application’s security is compromised, it can become unresponsive, unavailable, or even dangerous. The impact on your business can be substantial. For a small monthly fee, you can protect your web server with a hands-off, automated approach.Starting Price: $6 per server per month -
36
RedSentry
RedSentry
The quickest, most affordable penetration testing and vulnerability management solutions to help you get compliant and keep all of your assets secure, year around. Our pentest report format is easy to understand and will give you all the information you need to secure your environment. We’ll provide a customized plan of action to help you combat any vulnerabilities, prioritize based on severity, and improve your security posture. Our pentest report format is easy to understand and will give you all the information you need to secure your environment. We’ll provide a customized plan of action to help you combat any vulnerabilities, prioritize based on severity, and improve your security posture. -
37
SecurityMetrics Perimeter Scan
SecurityMetrics
Comprehensive Vulnerability Assessment Scan For Network Security. Vulnerability scans and network scans find top cybersecurity risks such as misconfigured firewalls, malware hazards, remote access vulnerabilities, and can be used for cyber security or compliance mandates like PCI Compliance (PCI DSS) and HIPAA. Add and remove your own targets through your Perimeter Scan Portal. You can mass upload scan targets and groups. You can group and label scan targets to make it easier to manage by location, network type, or unique circumstances at your organization. Run port scans on your most sensitive targets more frequently, test in scope PCI targets quarterly, or test designated IPs after changes to your network with simplicity. Vulnerability scanning reports list the target, vulnerability type, service (e.g., https, MySQL, etc.), and the severity of each vulnerability (low, medium, high).Starting Price: $99.00/one-time -
38
Seal Security
Seal Security
Redefine open source vulnerability and patch management with Seal Security. Easy integration directly into your existing SDLC, and workflows. Standalone security patches for immediate resolution of critical security issues. Predictable remediation and optimal resource allocation, with centralized control and reduced R&D dependency. Streamline your open source vulnerability remediation without introducing the risk of breaking changes. Say goodbye to alert fatigue and start patching with Seal Security. Pass every product security scan with confidence. Seal Security provides immediate remediation for open source vulnerabilities. By meeting your customers' SLAs and offering a vulnerability-free product, you can ensure customer trust and fortify your market standing. Seal Security seamlessly integrates with various coding languages, patch management systems, and open source platforms through powerful APIs and CLI.Starting Price: Free -
39
Edgescan
Edgescan
Validated web application vulnerability scanning on-demand when you want it, and scheduled as often as you need. Validation and rating of risk, trending and metrics on a continuous basis, all available via our rich dashboard for superior security intelligence. You can use the vulnerability scanning and validation service as much as you like, Retest on demand. Edgescan can also alert you if a new vulnerability is discovered via SMS/email/Slack or Webhook. Server Vulnerability Assessment (Scanning and Validation) covering over 80,000 tests. Designed to help ensure your deployment be it in the cloud or on premise is secure and configured securely. All vulnerabilities are validated and risk rated by experts and available via the dashboard to track and report on when required. Edgescan is a certified ASV (Approved Scanning Vendor) and exceeds requirements of the PCI DSS by providing continuous, verified vulnerability assessments. -
40
ManageEngine Vulnerability Manager Plus
ManageEngine
Enterprise vulnerability management software. Vulnerability Manager Plus is an integrated threat and vulnerability management software that delivers comprehensive vulnerability scanning, assessment, and remediation across all endpoints in your network from a centralized console. Scan and discover exposed areas of all your local and remote office endpoints as well as roaming devices. Leverage attacker-based analytics, and prioritize areas that are more likely to be exploited by an attacker. Mitigate the exploitation of security loopholes that exist in your network and prevent further loopholes from developing. Assess and prioritize vulnerabilities based on exploitability, severity, age, affected system count, as well as the availability of the fix. Download, test, and deploy patches automatically to Windows, Mac, Linux, and over 250 third-party applications with an integral patching module—at no additional cost.Starting Price: $695 per user per year -
41
PHP Secure
PHP Secure
PHP Secure is a FREE code scanner that analyzes your PHP code for critical security vulnerabilities. Free online scanner: - Quickly and qualitatively finds web app vulnerabilities - Gives explicit reports and recommendations to fix vulnerabilities - Easy to use and requires no specialized knowledge - Reduces risk, saves budget, and boosts productivity PHP Secure Scanner is suitable for analyzing sites on Php, framework Laravel, and CMS Wordpress, Drupal and Joomla. PHP Secure detects the most common and dangerous types: -SQL injection vulnerabilities -Command Injection -Cross-Site Scripting (XSS) Vulnerabilities -PHP Serialize Injections -Remote Code Executions -Double Escaping -Directory Traversal -Regular Expression Denial of Service (ReDos) -
42
Reconwithme
ReconwithMe
The application industry is growing at a rapid rate. Web and Mobile applications are the go-to tools for people, businesses and organizations. With the increasing growth in the use of these applications, there has been growth in cyber attacks as well. Use Reconwithme to automatically detect and patch security vulnerabilities present in your web application. Reports to understand vulnerabilities and ways to fix them. Get complete reports, for both executive and for developers, and steps to reproduce the vulnerability and recommendation to fix it. Track and prioritize bugs according to severity and a triage team upon request to help fix the vulnerabilities.Starting Price: $25 per month -
43
Intruder
Intruder
Intruder is an international cyber security company that helps organisations reduce their cyber exposure by providing an effortless vulnerability scanning solution. Intruder’s cloud-based vulnerability scanner discovers security weaknesses across your digital estate. Offering industry-leading security checks, continuous monitoring and an easy-to-use platform, Intruder keeps businesses of all sizes safe from hackers. Receive actionable results prioritised by context. Intruder interprets raw data received from leading scanning engines, so you can focus on the issues which truly matter, such as exposed databases. Intruder's high-quality reports help you sail through customer security questionnaires, and make compliance audits like SOC2, ISO27001, and Cyber Essentials a breeze. -
44
YAG-Suite
YAGAAN
The YAG-Suite is a French made innovative tool which brings SAST one step beyond. Based on static analysis and machine learning, YAGAAN offers customers more than a source code scanner : it offers a smart suite of tools to support application security audits as well as security and privacy by design DevSecOps processes. Beyond classic vulnerability detection, the YAG-Suite focuses the team attention on the problems that really matter in their business context, it supports developers in their understanding of the vulnerability causes and impacts. Its contextual remediation support them in fixing efficiently the problems while improving their secure coding skills. Additionally, YAG-Suite's unprecedented 'code mining' support security investigations of an unknown application with mapping all relevant code features and security mechanisms and offers querying capabilities to search for 0-days or non automatically detectable risks. PHP, Java and Python are supported. JS, C/C++ coming soonStarting Price: From €500/token or €150/mo -
45
Alibaba Cloud Security Scanner
Alibaba
Cloud Security Scanner utilizes data, white hat penetration testing, and machine learning to provide an all-in-one security solution for domains and other online assets. CSS detects web vulnerabilities, illicit content, website defacement, and backdoors to prevent possible financial loss caused by damage to your brand reputation. Cloud Security Scanner comprehensively detects any risks to your website and online assets, such as web vulnerabilities, weak passwords, website defacement, and Trojan attacks. The system scans all source code, text, and images for vulnerabilities. Developed through penetration testing, WTI has built-in multi-layer verification rules to ensure high accuracy of vulnerability detection. The system uses comprehensive decision making and model-based analysis, to provide accurate detection of content risks. Submit any questions about the scanning results to our team of experts. -
46
Vega
Subgraph
Vega can help you find and validate SQL Injection, cross-site scripting, inadvertently disclosed sensitive information, and other vulnerabilities. It is written in Java, GUI based, and runs on Linux, OS X, and Windows. Vega can help you find vulnerabilities such as: reflected cross-site scripting, stored cross-site scripting, blind SQL injection, remote file include, shell injection, and others. Vega also probes for TLS / SSL security settings and identifies opportunities for improving the security of your TLS servers. Vega includes an automated scanner for quick tests and an intercepting proxy for tactical inspection. The Vega scanner finds, SQL injection, and other vulnerabilities. Vega includes a website crawler powering its automated scanner. Vega can automatically log into websites when supplied with user credentials. -
47
Probely
Probely
Probely is a web vulnerability scanner for agile teams. It provides continuous scanning of web applications and lets you efficiently manage the lifecycle of the vulnerabilities found, in a sleek and intuitive web interface. It also provides simple instructions on how to fix the vulnerabilities (including snippets of code), and by using its full-featured API, it can be integrated into development processes (SDLC) and continuous integration pipelines (CI/CD), to automate security testing. Probely empowers developers to be more independent, solving the security teams' scaling problem, that is usually undersized when compared to development teams, by providing developers with a tool that makes them more independent when it comes to security testing, allowing security teams to focus on more important and critical activities. Probely covers OWASP TOP10 and thousands more and can be used to check specific PCI-DSS, ISO27001, HIPAA, and GDPR requirements.Starting Price: $49.00/month -
48
Studio Bot
Google
Studio Bot is your coding companion for Android development. It's a conversational experience in Android Studio that helps you be more productive by answering Android development queries. It's powered by artificial intelligence and can understand natural language, so you can ask development questions in plain English. Studio Bot can help Android developers generate code, find relevant resources, learn best practices, and save time. Studio Bot is still an early experiment, and might sometimes provide inaccurate, misleading or false information while presenting it confidently. Studio Bot might give you working code that doesn't produce the expected output, or provide you with code that is not optimal or incomplete. Always double-check Studio Bot's responses and carefully test and review code for errors, bugs, and vulnerabilities before relying on it. Studio Bot's new capabilities can help you by offering new ways to write code, create test cases, or update APIs. -
49
Veracode
Veracode
Veracode offers a holistic, scalable way to manage security risk across your entire application portfolio. We are the only solution that can provide visibility into application status across all testing types, including SAST, DAST, SCA, and manual penetration testing, in one centralized view. -
50
Sysdig Secure
Sysdig
Cloud, container, and Kubernetes security that closes the loop from source to run. Find and prioritize vulnerabilities; detect and respond to threats and anomalies; and manage configurations, permissions, and compliance. See all activity across clouds, containers, and hosts. Use runtime intelligence to prioritize security alerts and remove guesswork. Shorten time to resolution using guided remediation through a simple pull request at the source. See any activity within any app or service by any user across clouds, containers, and hosts. Reduce vulnerability noise by up to 95% using runtime context with Risk Spotlight. Prioritize fixes that remediate the greatest number of security violations using ToDo. Map misconfigurations and excessive permissions in production to infrastructure as code (IaC) manifest. Save time with a guided remediation workflow that opens a pull request directly at the source.