Alternatives to OWASP Threat Dragon
Compare OWASP Threat Dragon alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to OWASP Threat Dragon in 2026. Compare features, ratings, user reviews, pricing, and more from OWASP Threat Dragon competitors and alternatives in order to make an informed decision for your business.
-
1
Resurface
Resurface Labs
Resurface is a runtime API security solution. Detect and respond to API threats and risk in real-time with Resurface continuous API scanning. Purpose-built for API data, Resurface captures complete request and response payloads (including GraphQL) to instantly see threats and failures. Get alerts on data breaches for zero-day detection and response. Mapped to OWASP Top10, Resurface alerts on threats with complete data security patterns and behaviors. Resurface is self-hosted, all data is first-party, installed with a single Helm command. Resurface is the only API security solution engineered for deep inspection at scale. Handling millions of API calls, Resurface detects and alerts on active attacks. Machine learning models indicate anomalies and identify low-and-slow attack patterns.Starting Price: $9K/node/year -
2
IriusRisk
IriusRisk
Build-Safer-Faster with the AI Threat Modeling Tool. IriusRisk empowers the world's leading organizations to be Secure by Design. For enterprise software teams in highly regulated industries (Financial Services, Healthcare, Critical Infrastructure, Government), IriusRisk is the only threat modeling platform that combines AI and industry-specific security frameworks, with comprehensive training and onboarding to deliver proactive risk management at the speed of modern development. IriusRisk enables teams to ship features against Secure by Design initiatives, while meeting the most stringent compliance requirements. -
3
Fork
VerSprite Cybersecurity
Fork is a SaaS threat modeling platform that empowers security and product teams to perform continuous, risk-centric application threat assessments using the proven PASTA (Process for Attack Simulation and Threat Analysis) methodology, helping them identify the most likely and impactful risks in under two hours and align security with business priorities. It combines industry-focused threat libraries with real-time vulnerability data and threat intelligence to quantify residual risk accurately, support business impact analysis, and enforce quality gates throughout the threat modeling process. Fork provides a unified security insights dashboard that correlates threats with your application’s attack surface and integrates trusted frameworks and taxonomies such as MITRE, OWASP, CWE, CVE (with EPSS), CAPEC, ATT&CK, D3FEND, and ASVS to drive targeted mitigations and actionable outcomes. -
4
Devici
Security Compass
Devici is a diagram-focused threat modeling tool that helps AppSec teams and DevSecOps engineers create clear, repeatable models without relying on scattered diagrams or manual documents. Teams map system components, describe their behavior through attributes, and Devici identifies relevant threats and possible mitigations from its maintained library. The platform supports real-time collaboration, reusable patterns, templates, and version history, which helps groups standardize how they document risks across applications. Developers can contribute without needing deep threat modeling knowledge, while security teams can guide reviews and maintain consistency. Devici offers a practical way to keep threat models current as designs change and reduces the effort required to move from architecture diagrams to actionable security decisions.Starting Price: Free -
5
Microsoft Threat Modeling Tool
Microsoft
Threat modeling is a core element of the Microsoft Security Development Lifecycle (SDL). It’s an engineering technique you can use to help you identify threats, attacks, vulnerabilities, and countermeasures that could affect your application. You can use threat modeling to shape your application's design, meet your company's security objectives, and reduce risk. The Microsoft Threat Modeling Tool makes threat modeling easier for all developers through a standard notation for visualizing system components, data flows, and security boundaries. It also helps threat modelers identify classes of threats they should consider based on the structure of their software design. We designed the tool with non-security experts in mind, making threat modeling easier for all developers by providing clear guidance on creating and analyzing threat models. -
6
ThreatModeler
ThreatModeler
ThreatModeler™ enterprise threat modeling platform is an automated solution that simplifies efforts associated with developing secure applications. We fill a critical and growing need among today's information security professionals: to build threat models of their organizations' data, software, hardware, and infrastructure at the scale of the IT ecosystem and at the speed of innovation. ThreatModeler™ empowers enterprise IT organizations to map their unique secure requirements and policies directly into their enterprise cyber ecosystem – providing real-time situational awareness about their threat portfolio and risk conditions. CISOs and other InfoSec executives gain a comprehensive understanding of their entire attack surface, defense-in-depth strategy, and compensating controls, so they can strategically allocate resources and scale their output. -
7
Tutamen Threat Model Automator
Tutamantic Sec
Ease of use, common taxonomies, flexible output. It's all here. The Tutamen Threat Model Automator is designed to enable security at the architectural stage, where the cost of fixing flaws is the lowest. Reduce human error and inconsistencies with single input of variables. Make a living threat model that changes when the design changes. The Tutamen Threat Model Automator has the ability to generate multiple reports for different stakeholder groups in your company, not just on your project. You already know how to use it. There is no new software to learn. The Tutamen Threat Model Automator allows you to enter threat data using tools you already know, like Microsoft Visio and Excel. -
8
ARIA ADR
ARIA Cybersecurity Solutions
ARIA Advanced Detection and Response (ADR) is an automated AI SOC solution purpose-built with the capabilities of seven security tools — including SIEMs, IDS/IPSs, EDRs, Threat Intel tools, NTAs, UEBAs, and SOARs. With this single, comprehensive solution organizations will no longer have to settle for limited threat surface coverage or struggle to integrate and maintain disparate tools at substantial cost and little return. ARIA ADR’s machine learning-powered threat models, guided by AI, can find and stop the most harmful network-borne threats such as ransomware, malware, intrusions, zero-day attacks, APTs and more—in just minutes. This is a powerful advantage over most traditional security operations approaches that surface more noise than threats and require highly-trained security operations staff. There is also a cloud-based version of ARIA ADR which is a great entry level option for organizations. -
9
Comodo Dragon Platform
Comodo
Our completely cloud-native framework delivers you zero day protection against undetectable threats while defending your endpoints from known threat signatures. Comodo introduced a new approach to endpoint protection, engineered to solve the issue of legacy security solutions. The Dragon platform delivers the foundation principles for complete next-generation endpoint protection. Easily improve your cybersecurity and performance with the Dragon Platform's lightweight agent delivering artificial intelligence (AI) and Auto Containment to stop all threats. Comodo delivers everything cybersecurity you ever needed to activate breach protection immediate value added from day one. 100% trusted verdict within 45 seconds on 92% of signatures via analysis, and 4 hours SLA on the remaining 8% via human experts. Automatic signature updates that simplifies deployment across your entire environment to lower operational costs. -
10
Threagile
Threagile
Threagile enables teams to execute Agile Threat Modeling as seamless as possible, even highly-integrated into DevSecOps environments. Threagile is the open-source toolkit which allows to model an architecture with its assets in an agile declarative fashion as a YAML file directly inside the IDE or any YAML editor. Upon execution of the Threagile toolkit a set of risk-rules execute security checks against the architecture model and create a report with potential risks and mitigation advice. Also nice-looking data-flow diagrams are automatically created as well as other output formats (Excel and JSON). The risk tracking can also happen inside the Threagile YAML model file, so that the current state of risk mitigation is reported as well. Threagile can either be run via the command-line (also a Docker container is available) or started as a REST-Server.Starting Price: Free -
11
CAIRIS
CAIRIS
From assets to countermeasures, factoids to personas, and requirements to architectural components, enter or import a wide range of security, usability, and requirements data to find new insights ranging from interconnections between requirements and risks, to the justification behind persona characteristics. No single view captures a complex system, so automatically generate 12 different views of your emerging design from perspectives ranging from people, risks, requirements, architecture, and even physical location. Automatically generate threat models such as Data Flow Diagrams (DFDs) as your early stage design evolves. Leverage open source intelligence about potential attacks and candidate security architectures to measure your attack surface. Show all the security, usability, and design elements associated with your product's risks.Starting Price: Free -
12
Varonis Data Security Platform
Varonis
The most powerful way to find, monitor, and protect sensitive data at scale. Rapidly reduce risk, detect abnormal behavior, and prove compliance with the all-in-one data security platform that won’t slow you down. A platform, a team, and a plan that give you every possible advantage. Classification, access governance and behavioral analytics combine to lock down data, stop threats, and take the pain out of compliance. We bring you a proven methodology to monitor, protect, and manage your data informed by thousands of successful rollouts. Hundreds of elite security pros build advanced threat models, update policies, and assist with incidents, freeing you to focus on other priorities. -
13
A tidal wave of vulnerabilities, but you can’t fix them all. Rely on extensive threat intel and patented prioritization to cut costs, save time, and keep your teams efficiently focused on reducing the biggest risks to your business. This is Modern Risk-Based Vulnerability Management. We created Risk-Based Vulnerability Management software and now we’re defining the modern model. Show your security and IT teams which infrastructure vulnerabilities they should remediate, when. Our latest version reveals exploitability can be measured, and accurately measuring exploitability can help you minimize it. Cisco Vulnerability Management (formerly Kenna.VM) combines real-world threat and exploit intelligence and advanced data science to determine which vulnerabilities pose the highest risk and which you can deprioritize. Spoiler alert: Your mega-list of “critical vulnerabilities” will shrink faster than a woolen sweater-vest in a hot cycle.
-
14
ThreatX
A10 Networks
Block cyber threats in hours with SaaS, on-prem, or Docker native-cloud deployment in your private cloud or provider (AWS, Azure). IP fingerprinting, and application and attack profiling continually combine and correlate to identify, track and assess threat actors. Where other security solutions rely on signatures, static rules and single attacks, ThreatX builds a dynamic profile of every threat actor as they move through the threat lifecycle. ThreatX easily monitors bots and high-risk attackers to predict and prevent layer 7 application attacks, including the top OWASP and zero-day threats, and DDoS attacks. -
15
MITRE ATT&CK
MITRE ATT&CK
MITRE ATT&CK® is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community. With the creation of ATT&CK, MITRE is fulfilling its mission to solve problems for a safer world — by bringing communities together to develop more effective cybersecurity. ATT&CK is open and available to any person or organization for use at no charge. Adversaries may execute active reconnaissance scans to gather information that can be used during targeting. Active scans are those where the adversary probes victim infrastructure via network traffic, as opposed to other forms of reconnaissance that do not involve direct interaction. -
16
Modshield SB
StrongBox IT
Modshield SB Web Application Firewall (WAF) – Powered by Modsecurity and OWASP CRS, is tailor-made to fit all your application security needs. Modshield SB is packed with security features that enable a 360-degree protection for your applications and hosting infrastructure. Powered by the OWASP Core Ruleset, Modshield SB provides optimal coverage against OWASP Top 10 threat vectors, automation protection and protection against credential stuffing attacks. Why Modshield SB Web Application firewall? Modshield SB helps you to commit to your business users, Confidentialty, Integrity and Availability of business applications. Implementing an enterprise grade first line of defense, for your applications has never been simpler. Powered by the OWASP Core Ruleset, Modshield SB inherently protects all your applications against the OWASP Top 10 threats. You are no longer required to run a seperate Load Balancer. Take advantage of Modshield SB's built-in load balancer.Starting Price: $0.58 per hour -
17
open-appsec
open-appsec
automatic web application & API security using machine learning open-appsec is an open-source initiative that builds on machine learning to provide pre-emptive web app & API threat protection against OWASP-Top-10 and zero-day attacks. It can be deployed as add-on to Kubernetes Ingress, NGINX, Envoy and API Gateways. open-oppsec simplifies maintenance as there is no threat signature upkeep and exception handling, like common in many WAF solutions. -
18
ZeroThreat.ai
ZeroThreat Inc.
ZeroThreat.ai is an automated penetration testing and vulnerability scanning platform designed to secure web applications and APIs. It detects, prioritizes, and helps mitigate over 40,000+ vulnerabilities, including OWASP Top 10 and CWE Top 25 issues such as logic flaws, misconfigurations, and data leaks. With near-zero false positives and AI-generated remediation reports, ZeroThreat.ai enables security and development teams to identify and fix vulnerabilities up to 10x faster. It integrates seamlessly with CI/CD pipelines, Slack, and Microsoft Teams for continuous testing and real-time alerts. Built for startups and enterprises alike, ZeroThreat.ai delivers speed, accuracy, and scalability, ensuring secure releases and continuous protection against evolving threats.Starting Price: $100/Target -
19
WebOrion Protector
cloudsineAI
WebOrion Protector is an enterprise-grade web application firewall (WAF) designed to deliver unmatched protection using the OWASP Core Rule Set (CRS). Built on the advice of the global OWASP community's leading experts in web application security, it leverages an intelligent anomaly-scoring, heuristics, and signature-based engine to defend against threats and exploits covered by the OWASP top 10 web application security risks. Rapidly respond to zero-day threats with seamless virtual patching and a powerful user interface built to streamline monitoring, analytics, and fine-tuning, with both entry-level and advanced users in mind. WebOrion Protector also comes equipped with specialized rulesets to protect login pages, WordPress sites, and more. It inspects all incoming and outgoing web traffic for your website with minimal performance impact. -
20
whiblo
braf.tech
whiblo is an internal SaaS application for reporting threats or harm to the public interest in the context of work in your organization. whiblo is an intuitive and efficient solution that guarantees anonymity for whistleblowers during the whole process and gives them level of security not provided by other internal channels. In terms of data storage, the application uses the infrastructure provider’s ISO 27001 certification. Regarding the security of the information stored and access to it, security and penetration tests have been performed by an independent auditor. The system has been designed in accordance with the OWASP standard. The application offers: - reporting threats in compliance to Directive (EU)2019/1937 and local regulations - anonymity - users profiles - additional fields in forms - possibility to add attachments on both sides - reportsStarting Price: €38/month -
21
UltraWAF
Vercara
Vercara UltraWAF is a cloud-based web application protection service that protects against threats that target the application layer. As a cloud-based WAF solution, UltraWAF protects your applications from data breaches, defacements, malicious bots, and other web application-layer attacks. By protecting your applications no matter where they are hosted, UltraWAF simplifies your operations through consistently configured rules with no provider restrictions or hardware requirements. UltraWAF equips your company with adaptable security features to counteract the most significant network and application-layer threats, including SQL injection, XSS, and DDoS attacks. Its always-on security posture, combined with cloud-based scalability, ensures comprehensive protection against the OWASP top 10, advanced bot management, and vulnerability scanning, allowing you to effectively shield your critical and customer-facing applications from emerging threats. -
22
DragonForce
Drakontas
DragonForce is a mobile team collaboration platform that delivers mission-critical command and control and incident management capabilities. The DragonForce collaborative experience is delivered via the DragonForce Mobile and DragonForce Web clients. Dragonforce was able to provision and deploy users within less than an hour and train the city of Salem users to augment their systems in their new Emergency Operations Center to monitor, adapt, and react to any situation that could arise during that time. DragonForce was utilized in the planning, performance and execution to secure the president and his security detail as he arrived and gave his speech to the international public safety leaders. The activities involved with the coordination included Riot / Protestor Monitoring, Presidential Security, SWAT Sniper tracking, -
23
NSFOCUS WAF
NSFOCUS
Shield your applications with our versatile WAF, a critical component of defense-in-depth security. Deploy it as a standalone solution, seamlessly integrate it with our ADS series for enhanced protection, or leverage its cloud-based deployment for unrivaled flexibility. Protect APIs from a wide range of attacks. Detect and block bots that are trying to access web applications. Analyze the behavior of users to identify and block malicious traffic. Can be deployed in the cloud, easier to scale and manage. Virtually patch vulnerabilities in web applications without requiring the application to be updated. Unleash the power of next-generation web application security with our cutting-edge WAF, designed to safeguard your applications from evolving threats. Our solution harnesses the power of semantic analysis, intelligent analytics, threat intelligence, and smart patching to identify and neutralize a vast range of web attacks, including all OWASP top 10 attacks, DDoS attacks, etc. -
24
Comodo IceDragon
Comodo Security Solutions
IceDragon features privacy and performance enhancements over the Firefox core browser as well as additional features such as SiteInspector malware scanning, Comodo Secure DNS and improved social media functionality. Fast, easy to use and light on PC resources. Scan web-pages for malware right from the browser. Lightning fast page loads with integrated DNS service. Privacy and performance enhancements over Firefox core. Full compatibility with Firefox plug-ins. Comodo IceDragon is a fast and versatile Internet browser based on Mozilla Firefox which features several security, performance and feature enhancements over the core build. Fully compatible with Firefox plug-ins and extensions, IceDragon combines the freedom and functionality of Firefox with the unparalleled security and privacy of Comodo. Comodo IceDragon is a fast and versatile internet browser based on Mozilla Firefox which features several security, performance and feature enhancements over the core build. -
25
FreightDragon
FreightDragon
FreightDragon™ can process your leads, quotes, orders and marketing campaigns in a more efficient to help your business become more productive with less stress. Our easy-to-use system was developed with the user in mind, this way we can ensure a flawless transition from obsolete systems. An easy-to-use application that includes mobile application integration for even faster and easier management of your business. FreightDragon™ can accept leads and detect duplicates from any 3rd party source, even your own website! Each salesperson can easily manage their leads in FreightDragon™. It's fast and simple to price them and send a personalized email. Close more business through our Customer Relationship Management (CRM) functionality that ensures no leads will slip through the cracks. FreightDragon™ has made quoting new customers and current customers easier than ever. Each salesperson can easily manage their Quotes in FreightDragon™ cloud base software for Auto Transport Brokers. -
26
TROJAI
TROJAI
Even the best AI models can have hidden risks. Identify and address potential problems before they impact your business, ensuring smooth AI adoption and compliance. AI applications are vulnerable to new and sophisticated attacks. Stay ahead of the curve by protecting your models and applications from data poisoning, prompt injection, and other emerging threats. Leverage cutting-edge public AI services with confidence. We help you ensure responsible use and prevent data leaks, so you can focus on innovation without worry. The TROJAI security platform enables organizations to comply with benchmarks such as the OWASP AI framework as well as privacy regulations by testing models prior to deployment and protecting applications from things such as sensitive data loss once deployed. -
27
Barracuda Application Protection
Barracuda
Barracuda Application Protection is an integrated platform that provides comprehensive security for web applications and APIs across on-premises, cloud, or hybrid environments. It combines full Web Application and API Protection (WAAP) functionality with advanced security services to defend against a wide range of threats, including the OWASP Top 10, zero-day attacks, and automated threats. The platform offers features such as machine learning-powered auto-configuration, full-spectrum DDoS protection, advanced bot protection, and client-side protection to safeguard applications from sophisticated attacks. Additionally, it includes a hardened SSL/TLS stack for secure HTTPS front-end, built-in content delivery network (CDN) for optimized performance, and integration with various authentication services for granular access control. Barracuda Application Protection simplifies application security by providing a unified solution that is easy to deploy, configure, and manage. -
28
Protect applications from malicious and unwanted internet traffic with a cloud-based, PCI-compliant, global web application firewall service. By combining threat intelligence with consistent rule enforcement, Oracle Cloud Infrastructure Web Application Firewall strengthens defenses and protects internet-facing application servers. Adopt an edge security strategy with a web application firewall that aggregates threat intelligence from multiple sources including WebRoot BrightCloud® and more than 250 predefined OWASP, application, and compliance-specific rules. Protect applications deployed in Oracle Cloud Infrastructure, on-premises, and in multicloud environments with access controls based on geolocation data, whitelisted and blacklisted IP addresses, HTTP URL, and HTTP header. Identify and block malicious bot traffic with an advanced set of verification methods, including JavaScript, CAPTCHA, device fingerprinting, and human interaction algorithms.
-
29
DragonPOS
DragonPOS
DragonPOS is a dry cleaning software solution ideal for dry cleaners and laundry centers. Convenient and easy-to-use, DragonPOS has features such as pick and delivery, smartphone sign-up and scheduling, order access, locker options, and an interactive website. DragonPOS enables customers to enter cleaning preferences, arrange pickups, set schedules, view orders and payments. DragonPOS also offers expert remote installation with the assistance from experts that will guide users.Starting Price: $29 per month -
30
CyStack Platform
CyStack Security
WS provides the ability to scan web apps from outside the firewall, giving you an attacker's perspective; helps detect OWASP Top 10 and known vulnerabilities and constantly monitoring your IPs for other security threats. The team of CyStack pen-testers conducts hypothetical attacks on a customer's applications to discover security weaknesses that could expose applications to cyberattack. As a result, the technical team can fix those vulnerabilities before hackers find and exploit them. Crowdsourced Pen-test is the combination of certified experts and community of researchers. CyStack deploys, operates, and manages the Bug Bounty program on behalf of enterprises to attract a community of experts to find vulnerabilities in technology products such as Web, Mobile, Desktop applications, APIs or IoT devices. This service is a perfect solution for companies that are interested in the Bug Bounty model. -
31
Dragon Player
Dragon Player
Dragon Player is a multimedia player where the focus is on simplicity, instead of features. Dragon Player does one thing, and only one thing, which is playing multimedia files. Its simple interface is designed not to get in your way and instead empower you to simply play multimedia files. Due to using Solid and Phonon DragonPlayer is independent of any multimedia framework or hardware abstraction layer. -
32
Avocado
Avocado
Eliminate lateral movement and data exfiltration with Avocado's agentless, app-native security and visibility. App-native, agentless security powered by runtime policies & pico-segmentation. Designed for simplicity and security at scale. Contain threats at the smallest definable threat surface by creating microscopic perimeters around application subprocesses. Inject runtime controls natively into application subprocesses, enabling self-learning threat detection and automated remediation, no matter the language or architecture. Automatically protect your data against east-west attacks with no manual intervention and near-zero false positives. An agent-based signature, memory, and behavioral detection solutions are not capable of dealing with vast attacks surfaces and laterally moving persistent threats. Without a foundational change in attack detection, zero-day and misconfiguration-related attacks will continue unabated. -
33
CrowdStrike Falcon Adversary Intelligence
CrowdStrike
CrowdStrike Falcon® Adversary Intelligence provides cutting-edge threat intelligence to help organizations proactively identify and mitigate cyber threats. With access to over 250 adversary profiles, dark web monitoring, and real-time threat intelligence, businesses can strengthen their defense and accelerate response times. This platform integrates seamlessly into existing security operations, offering automated threat modeling, sandbox analysis, and the ability to automate security workflows. CrowdStrike Falcon® empowers organizations to stay ahead of emerging threats with comprehensive insights into adversary tactics, techniques, and procedures. -
34
ThreatMapper
Deepfence
Open source, multi-cloud platform for scanning, mapping, and ranking vulnerabilities in running containers, images, hosts, and repositories. ThreatMapper discovers the threats to your applications in production, across clouds, Kubernetes, serverless, and more. What you cannot see, you cannot secure. ThreatMapper auto-discovers your production infrastructure. It identifies and interrogates cloud instances, Kubernetes nodes, and serverless resources, discovering the applications and containers and mapping their topology in real-time. Use ThreatMapper to discover and visualize the external and internal attack surface for your applications and infrastructure. Exploiting known vulnerabilities in common dependencies is one of the easiest ways for bad actors to gain a foothold within your infrastructure. ThreatMapper scans hosts, containers, and applications for known vulnerable dependencies, taking threat feeds from over 50 different sources. -
35
Dragon Legal
Nuance Communications
Dragon Legal is a specialized speech recognition software tailored for legal professionals, offering a legal-specific language model trained on over 400 million words from legal documents. This enables attorneys and legal practitioners to dictate contracts, briefs, and legal citations with up to 99% accuracy, three times faster than typing. The software supports the creation of custom voice commands to automate repetitive tasks and allows for the transcription of pre-recorded audio files, enhancing workflow efficiency. Optimized for Windows 11 and compatible with Windows 10, Dragon Legal v16 also provides accessibility features such as "play that back" audio of dictated text and sophisticated macro commands, accommodating legal professionals with physical or cognitive disabilities. Additionally, it offers integration with Dragon Anywhere Mobile, a cloud-based dictation solution for iOS and Android devices, ensuring productivity on the go.Starting Price: $799 one-time payment -
36
InfiSecure
InfiSecure Technologies
Defend against scrapers, hackers and spammers with InfiSecure's advanced bot detection technology for real-time automated protection. Integrate in 20 minutes with our customized API integration kits. 24x7 automated threat protection against bad and nonhuman traffic. InfiSecure specializes in protecting Web & API from OWASP Top Automated Threats such as Web Scraping, Content Theft, Account Takeover, etc. Our Anti-Bot solution empowers your IT, Legal and Marketing departments to efficiently manage and protect your domain names, trademarks, products, and online brand identity by allowing you to detect and mitigate against all malicious automated traffic in real-time. With our ready integration kits and plugins, get started with active protection within 15 minutes. Get 1:1 dedicated support during integration. Personalized dashboards for real-time traffic statistics reaching your server.Starting Price: $15 per month -
37
Threat Meter
Threat Meter
Continuously view, monitor, and improve the cyberhealth of your entire ecosystem. Threat Meter gives you an outside-in view of the security posture of your entire IT infrastructure. Based on the frequency you choose for monitoring, Threat Meter helps you understand how you stack up across various risk categories. Identify and minimize external risks by gaining insights into exploitable weaknesses, compliance issues, misconfigurations, open ports, etc. Detect and discover impersonating domains, social media accounts, and mobile applications. Takedown before they target the customers or employees. Comprehensively monitor surface web, dark and deep web. Track exposed data across online file stores, criminal forums, code repositories, marketplaces, paste sites, and other sources. Get the deepest visibility into different phishing threats. Uncover typo squatting domains, and phishing pages, and takedown them. -
38
DragonFly BSD
DragonFly BSD
DragonFly version 6.2.2 is released. The 6.2 series has hardware support for type-2 hypervisors with NVMM, an amdgpu driver, the experimental ability to remote-mount HAMMER2 volumes, and many other changes. DragonFly belongs to the same class of operating systems as other BSD-derived systems and Linux. It is based on the same UNIX ideals and APIs and shares ancestor code with other BSD operating systems. DragonFly provides an opportunity for the BSD base to grow in an entirely different direction from the one taken in the FreeBSD, NetBSD, and OpenBSD series. DragonFly includes many useful features that differentiate it from other operating systems in the same class. The most prominent one is HAMMER, our modern high-performance filesystem with built-in mirroring and historic access functionality. Virtual kernels provide the ability to run a full-blown kernel as a user process for the purpose of managing resources or for accelerated kernel development and debugging.Starting Price: Free -
39
AT&T Alien Labs Open Threat Exchange
AT&T Cybersecurity
The world's largest open threat intelligence community that enables collaborative defense with actionable, community-powered threat data. Threat sharing in the security industry remains mainly ad-hoc and informal, filled with blind spots, frustration, and pitfalls. Our vision is for companies and government agencies to gather and share relevant, timely, and accurate information about new or ongoing cyberattacks and threats as quickly as possible to avoid major breaches (or minimize the damage from an attack). The Alien Labs Open Threat Exchange (OTX™) delivers the first truly open threat intelligence community that makes this vision a reality. OTX provides open access to a global community of threat researchers and security professionals. It now has more than 100,000 participants in 140 countries, who contribute over 19 million threat indicators daily. It delivers community-generated threat data, enables collaborative research, and automates the update of your security infrastructure. -
40
Voicepoint Cloud
Voicepoint
The high-availability Voicepoint Cloud with a data centre in Switzerland offers a flexible, cost-effective speech recognition and dictation management solution for everyone who has to prepare a lot of documentation. With this sophisticated, high-performance cloud solution, you use the integrated speech recognition of Dragon Medical Direct, Dragon Legal Anywhere or Dragon Professional Anywhere and dictate directly in the target application where you get the result immediately as text. You also have access to the Winscribe dictation management solution in the Voicepoint Cloud, optimally covering your speech-based documentation processes. Whether you are in your practice, in the clinic, at your office or out, the cloud-based Voicepoint speech recognition and dictation solution supports documentation anywhere and anytime. -
41
Onapsis
Onapsis
Onapsis is the industry standard for business application cybersecurity. Integrate your SAP and Oracle business applications into your existing security & compliance programs. Assess your attack surface to discover, analyze, & prioritize SAP vulnerabilities. Control and secure your SAP custom code development lifecycle, from development to production. Defend your landscape with SAP threat monitoring, fully integrated into your SOC. Comply with industry regulations and audits with less effort by harnessing the power of automation. Onapsis offers the only cybersecurity and compliance solution endorsed by SAP. Cyber threats evolve by the hour. Business applications don’t face static risk, you need a team of experts tracking, identifying, and defending against emerging threats. We are the only organization with an offensive security team dedicated to the unique threats affecting ERP and core business applications, from zero-days to TTPs of internal and external threat actors. -
42
Comodo Dragon
Comodo Security Solutions
The Dragon encompasses all of the best features of Chrome. It includes Chromium technology engineered to offer web users an internet browser that surpasses others especially when it comes to functional speed, stability and convenience. This is exactly why Comodo, the world's leading online security and trust assurance innovator, has stepped forward with Comodo Dragon. A Chromium technology-based web browser that offers you all of Chrome's features plus the unparalleled level of security and privacy you only get from Comodo. Including a greater level of privacy than Chromium technology offers. The Comodo companies are innovative and prolific developers of online security and trust assurance solutions. The Comodo Dragon has taken the latest Chromium technology and beefed it up in the one way necessary to make it the optimum browser to use on today's malware plagued Internet. Superior security and privacy. -
43
Dragon Sourcing
Dragon Sourcing
Dragon Sourcing is a global procurement services provider specializing in delivering comprehensive sourcing solutions to businesses across various industries. With a presence in key markets worldwide, Dragon Sourcing helps organizations identify reliable suppliers, negotiate favorable terms, and streamline their supply chain operations. The company offers a range of services, including supplier identification, market research, quality assurance, and procurement consulting, tailored to meet the unique needs of each client. Leveraging its deep expertise in emerging markets and extensive network of vetted suppliers, Dragon Sourcing enables businesses to reduce costs, ensure product quality, and gain a competitive edge in global markets. Renowned for its commitment to transparency and efficiency, Dragon Sourcing is a trusted partner for businesses seeking to optimize their sourcing strategies. -
44
Protect AI
Palo Alto Networks
Protect AI performs security scans on your ML lifecycle and helps you deliver secure and compliant ML models and AI applications. Enterprises must understand the unique threat surface of their AI & ML systems across the lifecycle and quickly remediate to eliminate risks. Our products provide threat visibility, security testing, and remediation. Jupyter Notebooks are a powerful tool for data scientists to explore data, create models, evaluate experiments, and share results with their peers. The notebooks contain live code, visualizations, data, and text. They introduce security risks and current cybersecurity solutions do not work to evaluate them. NB Defense is free to use, it quickly scans a single notebook or a repository of notebooks for common security issues, identifies problems, and guides your remediation. -
45
DragonOps
DragonOps
DragonOps revolutionizes SaaS hosting as your premier AWS managed service provider, enabling total cloud power without the complexity. Our platform offers a self-hosted PaaS solution, integrating AWS deployment tools and AWS cost optimization strategies directly into your infrastructure. With DragonOps, you can bypass the need for DevOps engineers, thanks to our user-friendly platform that ensures your software is market-ready in record time. We provide comprehensive services including CI/CD, DNS/HTTPS setup, logging, monitoring, secure secrets management, and much more, all tailored to your needs with no prior cloud knowledge required. Experience cost-effective, secure, and fully managed AWS hosting with DragonOps, and get your SaaS up and running in just 20 minutes. -
46
Dragon1
Dragon1
Generate, visualize, measure, analyze, improve strategy, goals, transformation, projects, innovation with data analytics and real-time data-driven decision-making blueprints, landscapes, project portfolios, roadmaps, graphs, charts, atlases for the stakeholders on one collaboration platform. The usage of Dragon1 leads to prioritizing, design, implement and control the digital transformation, IoT, blockchain, artificial intelligence, machine learning, microservices, cyber security, DevOps, mobile, cloud computing, automatization, data lake, robotization, big data management. Intelligent AI chatbot online on the Dragon1 Enterprise Architecture software platform. Import, improve and reuse data with Excel sheets for increasing customer engagement, supply chains, user experience and digital ecosystem, serving as a streamlined decision-making system. -
47
Deepwatch
Deepwatch
Advanced managed detection and response to secure the distributed enterprise. Expert guided security operations for early detection and automated response to mitigate risk across the enterprise. Preemptively detect malicious activity and respond to active threats before the endpoint is compromised. Efficiently discover and remediate critical threats and vulnerabilities across the enterprise. Extensive experience across our team has led us to an important realization too often overlooked: each organization has unique aspects and requirements for its cyber solutions. No team is exactly the same and your threats aren’t either. We developed the Squad Delivery Model to foster collaborative, high touch, tailored services that meet your specific needs and requirements. -
48
ThreatQ
ThreatQuotient
Threat intelligence platform - ThreatQ, to understand and stop threats more effectively and efficiently your existing security infrastructure and people need to work smarter, not harder. ThreatQ can serve as an open and extensible threat intelligence platform that accelerates security operations through streamlined threat operations and management. The integrated, self-tuning threat library, adaptive workbench and open exchange allow you to quickly understand threats, make better decisions and accelerate detection and response. Automatically score and prioritize internal and external threat intelligence based on your parameters. Automate aggregation, operationalization and use of threat intelligence across all systems and teams. Improve effectiveness of existing infrastructure by integrating your tools, teams and workflows. Centralize threat intelligence sharing, analysis and investigation in a threat intelligence platform all teams can access. -
49
Indusface WAS
Indusface
Get the most comprehensive application security audit done today. Indusface WAS with its automated scans & manual pen-testing ensures none of the OWASP Top10, business logic vulnerabilities and malware go unnoticed. With zero false positive guarantee and comprehensive report with remediation guidance, Indusface web app scanning ensures developers quickly fixes vulnerabilities. The proprietary scanner built ground up, keeping js framework driven, single page applications in mind to provide complete & intelligent crawling. With latest threat intelligence, get extensive web app scanning for vulnerabilities, and malware. Support on a functional understanding of logical flaws for an in-depth security audit.Starting Price: $49 per month -
50
Cisco AI Defense
Cisco
Cisco AI Defense is a comprehensive security solution designed to enable enterprises to safely develop, deploy, and utilize AI applications. It addresses critical security challenges such as shadow AI—unauthorized use of third-party generative AI apps—and application security by providing full visibility into AI assets and enforcing controls to prevent data leakage and mitigate threats. Key components include AI Access, which offers control over third-party AI applications; AI Model and Application Validation, which conducts automated vulnerability assessments; AI Runtime Protection, which implements real-time guardrails against adversarial attacks; and AI Cloud Visibility, which inventories AI models and data sources across distributed environments. Leveraging Cisco's network-layer visibility and continuous threat intelligence updates, AI Defense ensures robust protection against evolving AI-related risks.
