Business Software for GitLab - Page 22
View:
-
1
JHipster
JHipster
JHipster is a development platform to quickly generate, develop, and deploy modern web applications and microservice architectures. We support many frontend technologies, including Angular, React, and Vue. We even have mobile app support for Ionic and React Native! On the backend, we support Spring Boot (with Java or Kotlin), Micronaut, Quarkus, Node.js, and . NET. For deployment, we embrace cloud-native principles with Docker and Kubernetes. Deployment support exists for AWS, Azure, Cloud Foundry, Google Cloud Platform, Heroku, and OpenShift. Our goal is to generate a complete and modern web app or microservice architecture. A high-performance and robust server-side stack with excellent test coverage. A sleek, modern, mobile-first UI with Angular, React, or Vue + Bootstrap for CSS. A powerful workflow to build your application with Webpack and Maven or Gradle. Resilient microservice architecture with cloud-native principles in mind. -
2
Packagist
Packagist
Packagist is the main composer repository. It aggregates public PHP packages installable with Composer. Put a file named composer.json at the root of your project, containing your project dependencies. Packagist is the default Composer package repository. It lets you find packages and lets Composer know where to get the code from. You can use Composer to manage your project or libraries' dependencies. First of all, you must pick a package name. This is a very important step since it can not change and it should be unique enough to avoid conflicts in the future. The package name consists of a vendor name and a project name joined by a/. The vendor name exists to prevent naming conflicts. The composer.json file should reside at the top of your package's git/svn/ repository and is the way you describe your package to both packagist and composer. New versions of your package are automatically fetched from tags you create in your VCS repository. -
3
Flux
Flux CD
Flux is a set of continuous and progressive delivery solutions for Kubernetes that are open and extensible. The latest version of Flux brings many new features, making it more flexible and versatile. Flux is a CNCF Incubating project. Flux and Flagger deploy apps with canaries, feature flags, and A/B rollouts. Flux can also manage any Kubernetes resource. Infrastructure and workload dependency management are built-in. Flux enables application deployment (CD) and (with the help of Flagger) progressive delivery (PD) through automatic reconciliation. Flux can even push back to Git for you with automated container image updates to Git (image scanning and patching). Flux works with your Git providers (GitHub, GitLab, Bitbucket, can even use s3-compatible buckets as a source), all major container registries, and all CI workflow providers. Kustomize, Helm, RBAC, and policy-driven validation (OPA, Kyverno, admission controllers) so it simply falls into place. -
4
Atlantis
Atlantis
Atlantis is self-hosted. Your credentials don't leave your infrastructure. Runs as a Golang binary or Docker image and can be deployed on VMs, Kubernetes, Fargate, etc. Listens for webhooks from GitHub/GitLab/Bitbucket/Azure DevOps. Runs terraform commands remotely and comment back with their output. Used by one of the world's top companies to manage over 600 Terraform repos with 300 developers. In production use for over 2 years. Each pull request now holds a detailed log of what infrastructure changes were made and when; along with who made the change and who approved it. Atlantis can be configured to require approvals on every production change. Pass audits without compromising your workflow. Developers can submit Terraform pull requests without needing credentials. Operators can require approvals prior to allowing an application. Ensure that you apply changes before merging to master. -
5
Garden
Garden.io
Garden is an end-to-end cloud delivery platform that accelerates your development, testing and CI/CD workflows. Get realistic environments on demand, rapidly iterate while coding, and efficiently run tests from anywhere. One tool, one configuration, from source to finish. One set of commands and configuration for all your environments, services, database migrations, even infrastructure. Use Garden to quickly and easily run end-to-end tests in any environment. Your laptop was not made to run a large distributed system. Garden can run, build and test your services remotely, but at the speed of local development. Automatically tear down environments and delete Kubernetes resources based on inactivity or on a schedule. White glove onboarding, personalized training, and expert support. We’re here to help every step of the way. -
6
Scytale
Scytale
Scytale is the global leader in security compliance automation, helping companies get compliant and stay compliant with security frameworks like SOC 1, SOC 2, ISO 27001, HIPAA, GDPR, PCI-DSS, and more, without breaking a sweat. Our experts offer personalized guidance to streamline compliance, enabling faster growth and boosting customer trust. Simplify compliance with automated evidence collection and 24/7 control monitoring. Everything you need to get audit-ready 90% faster. Centralize, manage, and track workflows in one place. You can increase sales by showing proof of information security to customers. You can continue to do business as usual, and automate your SOC 2 project. Transform compliance into a well-organized process that allows you to track the status of your workflows. The ultimate automation platform that assists SaaS companies in achieving ISO 27001 and SOC 2 compliance. -
7
Enso
Enso Security
Enso is transforming application security by empowering organizations to build, manage and scale their AppSec programs. Its Application Security Posture Management (ASPM) platform easily deploys into an organization’s environment to create an actionable, unified inventory of all application assets, their owners, security posture and associated risk. With Enso Security, AppSec teams gain the capacity to manage the tools, people and processes involved in application security, enabling them to build a simplified, agile and scalable application security program without interfering with development. Enso has been recognized with numerous awards including the 2022 Excellence Awards, Globee Awards, and Forbes Top 20 Cybersecurity Startups to Watch. -
8
Code Intelligence
Code Intelligence
Our platform uses various security techniques, including coverage-guided and feedback-based fuzz testing, to automatically generate millions of test cases that trigger hard-to-find bugs deep within your application. This white-box approach protects against edge cases and speeds up development. Advanced fuzzing engines generate inputs that maximize code coverage. Powerful bug detectors check for errors during code execution. Uncover true vulnerabilities only. Get the input and stack trace as proof, so you can reliably reproduce errors every time. AI white-box testing uses data from all previous test runs to continuously learn the inner-workings of your application, triggering security-critical bugs with increasingly high precision. -
9
Seemplicity
Seemplicity
The fundamentals of workplace productivity have been redefined with automated workflows in nearly all domains. But what about security? When it comes to driving risk down, security teams are forced to play air traffic controller, deduplicating, sorting, and prioritizing every security finding that comes in, then routing and following up with developers all across the organization to make sure problems get fixed. The result, is a massive administrative burden on an already resource-constrained team, stubbornly long time-to-remediation, friction between security and development, and an inability to scale. Seemplicity revolutionizes the way security teams work by automating, optimizing, and scaling all risk reduction workflows in one workspace. Aggregated findings with the same solution on the same resource. Exceptions, such as rejected tickets or tickets with a fixed status but an open finding, are automatically redirected to the security team for review. -
10
Integrate.io
Integrate.io
Unify Your Data Stack: Experience the first no-code data pipeline platform and power enlightened decision making. Integrate.io is the only complete set of data solutions & connectors for easy building and managing of clean, secure data pipelines. Increase your data team's output with all of the simple, powerful tools & connectors you’ll ever need in one no-code data integration platform. Empower any size team to consistently deliver projects on-time & under budget. We ensure your success by partnering with you to truly understand your needs & desired outcomes. Our only goal is to help you overachieve yours. Integrate.io's Platform includes: -No-Code ETL & Reverse ETL: Drag & drop no-code data pipelines with 220+ out-of-the-box data transformations -Easy ELT & CDC :The Fastest Data Replication On The Market -Automated API Generation: Build Automated, Secure APIs in Minutes - Data Warehouse Monitoring: Finally Understand Your Warehouse Spend - FREE Data Observability: Custom -
11
Meltano
Meltano
Meltano provides the ultimate flexibility in deployment options. Own your data stack, end to end. Ever growing connector library of 300+ connectors have been running in production for years. Run workflows in isolated environments, execute end-to-end tests, and version control everything. Open source gives you the power to build your ideal data stack. Define your entire project as code and collaborate confidently with your team. The Meltano CLI enables you to rapidly create your project, making it easy to start replicating data. Meltano is designed to be the best way to run dbt to manage your transformations. Your entire data stack is defined in your project, making it simple to deploy it to production. Validate your changes in development before moving to CI, and in staging before moving to production. -
12
Valence
Valence Security
Valence finds and fixes SaaS risks. The Valence platform discovers, protects, and defends SaaS applications by monitoring shadow IT, misconfigurations, and identity activities through unparalleled SaaS discovery, SSPM, and ITDR capabilities. Recent high-profile breaches highlight how decentralized SaaS adoption creates significant security challenges. With Valence, security teams can control SaaS sprawl, protect their data, and detect suspicious activities from human and non-human identities. Valence goes beyond visibility by enabling security teams to remediate risks through one-click remediation, automated workflows, and business user collaboration. Trusted by leading organizations, Valence ensures secure SaaS adoption while mitigating today’s most critical SaaS security risks. -
13
Argon
ArgonSec
The first unified security solution protecting the integrity of your software throughout the entire DevOps CI CD pipeline. Track all events and actions across your software supply chain with unparalleled clarity, get actionable information and make decisions faster. Bolster your security posture by enforcing security best practices at all stages of the software delivery process with real-time alerts and auto-remediation. Ensure source code integrity with automated validity checks on each release, so you can be sure the code you committed is the source code deployed. Argon continuously monitors your DevOps infrastructure to identify security risks, code leaks, misconfigurations, and anomalies, and provide insights about the posture of your CI CD pipeline. -
14
ActiveControl
Basis
Increase business agility and competitiveness with faster, safer, more frequent delivery of SAP change. Today’s industry leaders need the power of innovation to beat the competition and adapt to rapidly-changing markets. But innovating fast can be a challenge for companies who run complex SAP environments where rapid, low-risk change isn’t easy. ActiveControl’s advanced automation solves that problem with a fundamentally new approach to change and release that enables companies to adopt agile development, DevOps, and continuous delivery in SAP. Customizable workflows let you automatically deploy SAP transports (and even non-SAP changes) after relevant approvals. Whether you define system-specific import schedules or adopt a continuous delivery model, change deployments and dependent manual activities are automatically orchestrated across all your SAP systems. For maximum DevOps value SAP systems should be part of your global IT landscape and best-practice delivery processes. -
15
ArmorCode
ArmorCode
Centralize all AppSec findings (SAST, DAST, SCA, etc) and correlate with infrastructure and cloud security vulnerabilities to get a 360o view of you application security posture. Normalize, de-dup and correlate findings to improve risk mitigation efficiency and prioritize the findings that impact the business. A single source of truth for findings and remediations from across tools, teams and applications. AppSecOps is the process of identifying, prioritizing, remediating and preventing Security breaches, vulnerabilities and risks - fully integrated with existing DevSecOps workflows, teams and tools An AppSecOps platform enables security teams to scale their ability to successfully identify, remediate and prevent high-priority application level security, vulnerability, and compliance issues, as well as identify and eliminate coverage gaps. -
16
Procyon
Procyon
Get frictionless, secure access to cloud infrastructure. Get passwordless access to major cloud platforms and thousands of cloud resources. We work seamlessly with AWS, GCP, Azure, and other cloud-native tools. Stop overprivileged access with just-in-time access for developers. DevOps users can request access to cloud resources with ‘just enough privileges’ to get timebound access to resources. Eliminate productivity bottlenecks of a centralized administrator. Configure approval policies based on a variety of factors. View a catalog of granted and unaccessed resources. Stop credential sprawl and worrying about credential theft. Developers can get passwordless access to cloud resources using Trusted Platform Module (TPM) based technology. Discover potential vulnerabilities now with our free assessment tool and understand how Procyon can help solve the problem in a matter of hours. Leverage TPM to strongly identify users and devices. -
17
Entitle
BeyondTrust
Entitle fuses a security-first approach to provisioning and governance, with a commitment to business enablement for all teams, from R&D and sales to H&R and finance. Speed up provisioning to unlock security policies that automatically update with changing infrastructure and employee needs. Grant permissions to specific resources, like Google Drive folders, database tables, Git repositories, and more. Keep privileged resources and roles safe by granting access only when needed, and removing them when not. Give peers, managers, and resource owners the power to approve access requests, for authorizations you can trust. With automated access requests and zero-touch provisioning, DevOps, IT, and all teams can save serious time and resources. Users can request access to what they need via Slack, Teams, Jira, or email for a seamless approval process. Grant bulk permissions for fast onboarding and offboarding to keep up with organizational changes. -
18
Sana
Sana Labs
One home for all your learning and knowledge. Sana is an AI-powered learning platform that empowers teams to find, share, and harness the knowledge they need to achieve their missions. Give everyone a more immersive learning experience by blending live collaborative sessions with personalized self-paced courses. All from one platform. Lower the barrier to sharing knowledge by letting Sana Assistant generate questions, explanations, images, and even entire courses from scratch. Empower anyone to keep up the energy and engagement with interactive quizzes, Q&A, polls, stickynotes, reflection cards, recordings, and more. Integrate Sana with all your team apps and make your entire company’s knowledge searchable in under 100ms. Github, Google Workspace, Notion, Slack, Salesforce. You name it, Sana can query it. -
19
UBOS
UBOS
Everything you need to transform your ideas into AI apps in minutes. Anyone can create next-generation AI-powered apps in 10 minutes, from professional developers to business users, using our no-code/low-code platform. Seamlessly integrate APIs like ChatGPT, Dalle-2, and Codex from Open AI, and even use custom ML models. Build custom admin client and CRUD functionalities to effectively manage sales, inventory, contracts, and more. Create dynamic dashboards that transform data into actionable insights and fuel innovation for your business. Easily create a chatbot to improve customer support and create a true omnichannel experience with multiple integrations. An all-in-one cloud platform combines low-code/no-code tools with edge technologies to make your web application scalable, secure, and easy to manage. Transform your software development process with our no-code/low-code platform, perfect for both business users and professional developers alike. -
20
PuzzlesCloud
PuzzlesCloud
PuzzlesCloud offers a cloud & on-premise documentation solution for teams to develop, structure, and manage Git-based Knowledge Base and publish agile professional docs by an innovative docx-as-code approach. Continuous docs build. Zero formatting. No copy/paste. Single click. High quality. Extreme re-use.Starting Price: €29/team/year -
21
Benerator
Benerator
Describe your data model on an abstract level in XML. Involve your business people as no developer skills are necessary. Use a wide range of function libraries to fake realistic data. Write your own extensions in Javascript or Java. Integrate your data processes into Gitlab CI or Jenkins. Generate, anonymize, and migrate with Benerator’s model-driven data toolkit. Define processes to anonymize or pseudonymize data in plain XML on an abstract level without the need for developer skills. Stay GDPR compliant with your data and protect the privacy of your customers. Mask and obfuscate sensitive data for BI, test, development, or training purposes. Combine data from various sources (subsetting) and keep the data integrity. Migrate and transform your data in multisystem landscapes. Reuse your testing data models to migrate production environments. Keep your data consistent and reliable in a microsystem architecture. -
22
Modelbit
Modelbit
Don't change your day-to-day, works with Jupyter Notebooks and any other Python environment. Simply call modelbi.deploy to deploy your model, and let Modelbit carry it — and all its dependencies — to production. ML models deployed with Modelbit can be called directly from your warehouse as easily as calling a SQL function. They can also be called as a REST endpoint directly from your product. Modelbit is backed by your git repo. GitHub, GitLab, or home grown. Code review. CI/CD pipelines. PRs and merge requests. Bring your whole git workflow to your Python ML models. Modelbit integrates seamlessly with Hex, DeepNote, Noteable and more. Take your model straight from your favorite cloud notebook into production. Sick of VPC configurations and IAM roles? Seamlessly redeploy your SageMaker models to Modelbit. Immediately reap the benefits of Modelbit's platform with the models you've already built. -
23
Vedro
Vedro Universe
Vedro is a pragmatic testing framework.Starting Price: Free -
24
Scrut Automation
Scrut
With Scrut, automate your risk assessment and monitoring, build your own unique risk-first infosec program, effortlessly manage multiple compliance audits, and demonstrate trust with your customers, all from a single window. Discover cyber assets, set up your infosec program and controls, continuously monitor your controls for 24/7 compliance, and manage multiple compliance audits simultaneously, all through a single window on Scrut. Monitor risks across your infrastructure and application landscape in real-time and continuously stay compliant with 20+ compliance frameworks. Collaborate with team members, auditors, and pen-testers with automated workflows and seamless artifact sharing. Create, assign, and monitor tasks to manage daily compliance with automated alerts and reminders. With the help of 70+ integrations with commonly used applications, make continuous security compliance effortless. Scrut’s intuitive dashboards provide quick overviews and insights. -
25
Silk Security
Silk Security
Cut through the findings flood, holistically understand risk, automate prioritization, and collaborate on fix remediation — all in one platform. Adoption of cloud, hybrid, and cloud-native applications generates more complexity and scale issues that legacy approaches can't begin to address. Without enough environmental context, security teams struggle to measure and prioritize the risk associated with findings. Duplicate alerts from multiple tools mean compounds the challenge for security teams to prioritize and assign remediation ownership. 60% of the breaches that occur are due to a security alert that the organization knew about, but struggled to map stakeholder responsibility for the fix. Map stakeholder responsibility, enable self-service remediation with actionable recommendations, and facilitate bidirectional collaboration through integration into existing tools and workflows. -
26
Tromzo
Tromzo
Tromzo builds deep environmental and organizational context from code to cloud so you can accelerate the remediation of critical risks across the software supply chain. Tromzo accelerates the remediation of risks at every layer from code to cloud. We do this by building a prioritized risk view of the entire software supply chain with context from code to cloud. This context helps our users understand which few assets are critical to the business, prevent risks from being introduced to those critical assets, and automate the remediation lifecycle of the few issues that truly matter. Contextual software asset inventory (code repos, software dependencies, SBOMs, containers, microservices, etc.), so you know what you have, who owns them, and which ones are important to the business. Understand the security posture for every team with SLA compliance, MTTR, and other custom KPIs, so you can drive risk remediation and accountability across the organization. -
27
ProjectDiscovery
ProjectDiscovery
Use automation, integrations, and continuous scanning to defend your modern tech stack. Build your regression database with alerts and CI/CD tools to prevent vulnerabilities from reappearing. Effortlessly retest vulnerabilities. Save time and resources allowing your team to ship faster. Security should be simple, accessible, and community-driven. Not all vulnerabilities and assets are worth triaging. Focus on the ones that matter to your workflows with context-enriched data. Our AI templating integration reads vulnerability reports and tailors templates to your needs, saving you time and effort on automation. Automate with support from APIs and webhooks. Trigger scans and receive real-time updates on vulnerabilities, assets, and templates. Collaborate across teams by sharing templates, assets, and vulnerabilities. Our enterprise platform has an amazing foundation. -
28
Maverix
Maverix
Maverix blends itself into the existing DevOps process, brings all required integrations with software engineering and application security tools, and manages the application security testing process end to end. AI-based automation for security issues management including detection, grouping, prioritization, filtration, synchronization, control of fixes, and support of mitigation rules. Best-in-class DevSecOps data warehouse for full visibility into application security improvements over time and team efficiency. Security issues can be easily tracked, triaged, and prioritized – all from a single user interface for the security team, with integrations to third-party products. Gain full visibility into application production readiness and application security improvements over time. -
29
Fianu
Fianu
Fianu monitors activity throughout your DevOps toolchain and generates an immutable, context-aware ledger of attestations that tells the story of your software leading up to production. Capture key security data points using pre-built integrations with your favorite security tools. Monitor and enforce best practices such as code review, branching strategy, and versioning scheme. Ensure software meets necessary functional, performance, and accessibility standards. Create or configure custom controls to meet the unique needs of your company. Out-of-the-box tooling to help you secure your software supply chain from development, to build, to deployment. Configurable control requirements and thresholds provide executives, managers, and stakeholders with the knobs and dials necessary to fine-tune compliance to your company's needs. -
30
Cypago
Cypago
Reduce manual efforts, lower costs and strengthen trust with customers with no-code automation workflows. Elevate your security Governance, Risk, and Compliance (GRC) maturity through simplified and automated cross-functional processes. Everything you need to know about achieving and maintaining compliance across all security frameworks and IT environments. Get in-depth ongoing insight into your compliance and risk posture. Save thousands of hours of manual work by leveraging the power of true automation. Put security policies and procedures into action to maintain accountability. At last, a complete audit automation experience, including audit scope generation and customization, 3600 evidence collection across data silos, in-context gap analysis, and auditor-trusted reports. Because audits can be easier and way more efficient than they are today. Transform chaos into compliance and enjoy instant insights on your employee and user base access privileges and permissions.