Best IT Security Software for Docker - Page 4
View:
Compare the Top IT Security Software that integrates with Docker as of October 2025 - Page 4
Sort By:
This a list of IT Security software that integrates with Docker. Use the filters on the left to add additional filters for products that have integrations with Docker. View the products that work with Docker in the table below.
-
1
IRI Voracity
IRI, The CoSort Company
Voracity is the only high-performance, all-in-one data management platform accelerating AND consolidating the key activities of data discovery, integration, migration, governance, and analytics. Voracity helps you control your data in every stage of the lifecycle, and extract maximum value from it. Only in Voracity can you: 1) CLASSIFY, profile and diagram enterprise data sources 2) Speed or LEAVE legacy sort and ETL tools 3) MIGRATE data to modernize and WRANGLE data to analyze 4) FIND PII everywhere and consistently MASK it for referential integrity 5) Score re-ID risk and ANONYMIZE quasi-identifiers 6) Create and manage DB subsets or intelligently synthesize TEST data 7) Package, protect and provision BIG data 8) Validate, scrub, enrich and unify data to improve its QUALITY 9) Manage metadata and MASTER data. Use Voracity to comply with data privacy laws, de-muck and govern the data lake, improve the reliability of your analytics, and create safe, smart test data -
2
ActiveState
ActiveState
ActiveState delivers Intelligent Remediation for vulnerability management, which enables DevSecOps teams to not only identify vulnerabilities in open source packages, but also to automatically prioritize, remediate, and deploy fixes into production without breaking changes, ensuring that applications are truly secured. Existing tools overwhelm DevSecOps teams with excessive vulnerability data, false positives, and a lack of prioritization, often leading to inaction and increased exposure to exploits. ActiveState’s solution provides your DevSecOps with a comprehensive view of open source vulnerability status across your application portfolio, enabling them to prioritize the vulnerabilities that matter, assess the risk of updates, and choose recommended remediation paths. The ActiveState platform centers on open source languages packaged as runtimes that can be deployed in various form factors. Low-to-no CVE container images are also available for plug-in and play needs. -
3
Harness
Harness
Harness is an AI-native software delivery platform that helps engineering teams achieve excellence by automating and streamlining the entire software delivery lifecycle. It enables continuous integration, continuous delivery, and GitOps for multi-cloud, multi-region deployments with increased speed and reliability. Harness simplifies infrastructure as code, database DevOps, and artifact management to improve collaboration and reduce errors. The platform offers AI-powered testing, incident response, chaos engineering, and feature management to enhance quality and resilience. Harness also provides cloud cost management, security testing orchestration, and developer insights to optimize performance and governance. Trusted by leading enterprises, Harness accelerates innovation while reducing manual effort and risk. -
4
TruffleHog
Truffle Security
TruffleHog runs behind the scenes to scan your environment for secrets like private keys and credentials, so you can protect your data before a breach occurs. Secrets can be found anywhere, so TruffleHog scans more than just code repositories, including SaaS and internally hosted software. With support for custom integrations and new integrations added all the time, you can secure your secrets across your entire environment. TruffleHog is developed by a team entirely comprised of career security experts. Security is our passion and primary concern, and all features are developed with best practices in mind. TruffleHog enables you to track and manage secrets within our intuitive management interface, including links to exactly where secrets have been found. Authenticate with secure OAuth workflows for users and never worry about username and password breaches. -
5
LOGIQ
LOGIQ.AI
LOGIQ.AI’s LogFlow provides centralized control of your observability data pipelines. As data streams arrive, they are automatically organized and optimized for your business teams and knowledge workers. XOps teams can centralize data flow management, gain data EPS control, and increase data quality and relevance. Built on any object store, LogFlow’s InstaStore enables infinite data retention and on-demand data replay to any target observability platform of your choice. Analyze operational metrics across applications and infrastructure and gain actionable insights that help you scale with confidence while maintaining high availability. Fuel business decisions and better user experiences by collecting, transforming, and analyzing behavioral data and usage patterns from business systems. Don’t let new attack techniques catch you off guard. Detect and analyze threat patterns from multiple sources and automate threat prevention and remediation. -
6
Shoreline
Shoreline.io
Shoreline is the Cloud Reliability platform — the only platform that lets DevOps engineers build automations in an afternoon, and fix issues forever. Shoreline reduces on-call complexity by running across clouds, Kubernetes clusters, and VMs allowing operators to manage their entire fleet as if it were a single box. Debugging and repairing issues is easy with advanced tooling for your best SREs, automated runbooks for the broader team, and a platform that makes building automations 30X faster. Shoreline does the heavy lifting, setting up monitors and building repair scripts, so that customers only need to configure them for their environment. Shoreline’s modern “Operations at the Edge” architecture runs efficient agents in the background of all monitored hosts. Agents run as a DaemonSet on Kubernetes or an installed package on VMs (apt, yum). The Shoreline backend is hosted by Shoreline in AWS, or deployed in your AWS virtual private cloud. -
7
JFrog
JFrog
Fully automated DevOps platform for distributing trusted software releases from code to production. Onboard DevOps projects with users, resources and permissions for faster deployment frequency. Fearlessly update with proactive identification of open source vulnerabilities and license compliance violations. Achieve zero downtime across your DevOps pipeline with High Availability and active/active clustering for your enterprise. Control your DevOps environment with out-of-the-box native and ecosystem integrations. Enterprise ready with choice of on-prem, cloud, multi-cloud or hybrid deployments that scale as you grow. Ensure speed, reliability and security of IoT software updates and device management at scale. Create new DevOps projects in minutes and easily onboard team members, resources and storage quotas to get coding faster.Starting Price: $98 per month -
8
CloudMatos
CloudMatos
MatosSphere brings a complete cloud compliance solution for your cloud infrastructure. Our cloud compliance solution provides you with the tools you need to secure your cloud environment and meet compliances. With our self-healing, self-secure and intelligent remediation, MatosSphere is the only cloud compliance and security platform you need to keep your cloud infrastructure safe and compliant. Contact us today to learn more about our cloud security and compliance solutions. Cloud security and compliance governance can be major challenges for customers with growing cloud adoption. As more companies migrate their workloads to public cloud environments, they may find it difficult to provision, manage and maintain secured, compliant and scalable infrastructure. The cloud resource footprint can evolve and increase quickly, making it difficult to have a business continuity plan in place.Starting Price: $500 per month -
9
Threagile
Threagile
Threagile enables teams to execute Agile Threat Modeling as seamless as possible, even highly-integrated into DevSecOps environments. Threagile is the open-source toolkit which allows to model an architecture with its assets in an agile declarative fashion as a YAML file directly inside the IDE or any YAML editor. Upon execution of the Threagile toolkit a set of risk-rules execute security checks against the architecture model and create a report with potential risks and mitigation advice. Also nice-looking data-flow diagrams are automatically created as well as other output formats (Excel and JSON). The risk tracking can also happen inside the Threagile YAML model file, so that the current state of risk mitigation is reported as well. Threagile can either be run via the command-line (also a Docker container is available) or started as a REST-Server.Starting Price: Free -
10
A modern app‑security solution that works seamlessly in DevOps environments, helping you deliver secure apps from code to customer. Today’s application landscape has changed dramatically. Modern apps are microservices that run in containers, communicate via APIs, and deploy via automated CI/CD pipelines. DevOps teams need to integrate security controls authorized by the security team across distributed environments without slowing release velocity or performance. NGINX App Protect is a modern app‑security solution that works seamlessly in DevOps environments as a robust WAF or app‑level DoS defense, helping you deliver secure apps from code to customer. Seamlessly integrates strong security controls with NGINX Plus and NGINX Ingress Controller. Defends against many advanced threats and evasive attacks. Reduces complexity and tool sprawl while delivering modern apps. Create, secure, and operate adaptive applications that reduce costs, improve operations, and better protect users.
-
11
Infisical
Infisical
Compare secrets across environments and see what's different or missing. Set personal values for secrets – either during local development or for sensitive secrets. Easily inherit other secrets to establish a single source of truth. Automatically identify and prevent secret leaks to git using Infisical's continuous monitoring and pre-commit checks – support over 140 secret types.Starting Price: $6 per month -
12
Sandfly Security
Sandfly Security
Trusted on critical infrastructure globally, Sandfly delivers agentless Linux security with no endpoint agents and no drama. Instant deployment without compromising stability or needing endpoint agents. Sandfly is an agentless, instantly deployable, and safe Linux security monitoring platform. Sandfly protects virtually any Linux system, from modern cloud deployments to decade-old devices, regardless of distribution or CPU architecture. Besides traditional Endpoint Detection and Response (EDR) capabilities, Sandfly also tracks SSH credentials, audits for weak passwords, detects unauthorized changes with drift detection, and allows custom modules to find new and emerging threats. We do all of this with the utmost safety, performance, and compatibility on Linux. And, we do it without loading agents on your endpoints. The widest coverage for Linux on the market. Sandfly protects most distributions and architectures such as AMD, Intel, Arm, MIPS, and POWER CPUs. -
13
SecOps
SecOps
Scan for vulnerable and unpatched operating systems, 3rd party software, and libraries in your virtual machines, network devices, appliances and endpoint workloads prioritized by risk. Efficiently manage and deploy critical security updates with our automated patching solution. Pre-validated and revertible patches with one-click deployment. Assess configurations of your servers, network devices and endpoints. Use our proprietary compliance patching technology to fix the gaps for CIS Level 1&2, PCI-DSS, HIPAA, ISO 27001 & more. From static image to dynamic running instances , Discover, track and continuously secure docker containers, Kubernetes pods and microservices. -
14
Kontra
Security Compass
Kontra was built by industry veterans who invented and pioneered the first interactive application security training platform. We don't offer secure coding quizzes, that are effectively re-skinned multiple-choice questions. If that's your idea of educating developers about software security, we are not the company for you. Developers are who we serve. Adding artificial metrics, meaningless rewards, and silly badges is not what we do. We respect their time far too much to patronize them with these gimmicks. The days of heavily scripted OWASP Top 10 training videos with robotic voice-overs are over. Interactive storytelling with realness and purpose in short bursts is what puts developers in the middle of the action and drives a truly engaging learning experience. Developers are more engaged in training if the content has a basis in reality rather than contrived examples. We set out to design the most beautiful application security training experience ever built.Starting Price: $400 per year -
15
Retrospective
centeractive AG
Retrospective is a desktop application for convenient and effective searching in local and distributed log files as well as log data from container platforms such as Docker and Kubernetes. Such data sources are accessed on local and/or remote computers and the log data of different format is extracted, combined and displayed in one place (the result table). Advanced features such as profile definition, data source monitoring, sorting/filtering result entries, highlighting, bookmarking, exporting etc. enable fast and robust log data exploration. Retrospective assists you in early error detection by monitoring application servers’ logs, searching for exceptions, etc. The highly optimized search engine together with the aforementioned features ensures that much precious time is saved. Being able to access all log data in one place makes log data processing incredibly efficient, thus ensuring quick and effective reactions to problems, and therefore gain customers’ trust and loyalty.Starting Price: $92 per year -
16
Curity
Curity
The Curity identity server is a standards-based identity and API security platform designed to provide robust authentication and authorization for digital services. It combines identity and API security, enabling scalable customer identity and access management to accelerate digital transformation, growth, and customer loyalty. It offers a range of features, including multi-factor authentication, user journey orchestration, decentralized identity, and secure access management. It supports various identity-related standards such as OAuth, OpenID Connect, and SCIM, ensuring interoperability and compliance with industry protocols. Curity's architecture is built on the principle of separation of concerns, enhancing security, flexibility, and scalability. It provides advanced configuration management with transaction-based changes, rollbacks, and backups, accessible through a web UI, CLI, RESTCONF API, and XML config files. -
17
Sonatype Lifecycle
Sonatype
Sonatype Lifecycle is a leading software composition analysis (SCA) platform designed to secure applications by automating dependency management and vulnerability monitoring. It provides real-time alerts and in-depth analytics to help developers identify and fix security risks across the software development lifecycle (SDLC). With features like automated patching, customizable policies, and SBOM (Software Bill of Materials) management, Sonatype helps businesses integrate secure open-source components without compromising speed. The platform enhances DevOps workflows by offering insights into dependencies, minimizing risks, and ensuring compliance, all while speeding up development. -
18
Darktrace
Darktrace
Darktrace is a cybersecurity platform powered by AI, providing a proactive approach to cyber resilience. Its ActiveAI Security Platform delivers real-time threat detection, autonomous responses to both known and novel threats, and comprehensive visibility into an organization’s security posture. By ingesting enterprise data from native and third-party sources, Darktrace correlates security incidents across business operations and detects previously unseen threats. This complete visibility and automation reduce containment time, eliminate alert fatigue, and significantly enhance the efficiency of security operations. -
19
Commvault Cloud
Commvault
Commvault Cloud is a comprehensive cyber resilience platform designed to protect, manage, and recover data across diverse IT environments, including on-premises, cloud, and SaaS applications. Powered by Metallic AI, it offers advanced features such as AI-driven threat detection, automated compliance tools, and rapid recovery capabilities like Cleanroom Recovery and Cloudburst Recovery. The platform ensures continuous data security through proactive risk scanning, threat hunting, and cyber deception, while facilitating seamless recovery and business continuity with infrastructure-as-code automation. With a unified management interface, Commvault Cloud enables organizations to safeguard their critical data assets, maintain compliance, and swiftly respond to cyber threats, thereby minimizing downtime and operational disruptions. -
20
VMware Workstation Pro
Broadcom
VMware Workstation Pro is the industry standard for running multiple operating systems as virtual machines (VMs) on a single Linux or Windows PC. IT professionals, developers and businesses who build, test or demo software for any device, platform or cloud rely on Workstation Pro. VMware Workstation Pro allows you to run multiple operating systems at once on the same Windows or Linux PC. Create real Linux and Windows VMs and other desktop, server, and tablet environments, complete with configurable virtual networking and network condition simulation, for use in code development, solution architecting, application testing, product demonstrations and more. Securely connect with vSphere, ESXi or other Workstation servers to launch, control and manage both virtual machines (VMs) and physical hosts. A common VMware hypervisor maximizes productivity and enables easy transfer of VMs to and from your local PC. -
21
Nightfall
Nightfall
Discover, classify, and protect your sensitive data. Nightfall™ uses machine learning to identify business-critical data, like customer PII, across your SaaS, APIs, and data infrastructure, so you can manage & protect it. Integrate in minutes with cloud services via APIs to monitor data without agents. Machine learning classifies your sensitive data & PII with high accuracy, so nothing gets missed. Setup automated workflows for quarantines, deletions, alerts, and more - saving you time and keeping your business safe. Nightfall integrates directly with all your SaaS, APIs, and data infrastructure. Start building with Nightfall’s APIs for sensitive data classification & protection for free. Via REST API, programmatically get structured results from Nightfall’s deep learning-based detectors for things like credit card numbers, API keys, and more. Integrate with just a few lines of code. Seamlessly add data classification to your applications & workflows using Nightfall's REST API. -
22
Revenera SCA
Revenera
Take control of your open source software management. Empower your organization to manage open source software (OSS) and third-party components. FlexNet Code Insight helps development, legal and security teams to reduce open source security risk and manage license compliance with an end-to-end system. FlexNet Code Insight is a single integrated solution for open source license compliance and security. Find vulnerabilities and remediate associated risk while you build your products and during their entire lifecycle. Manage open source license compliance, add automation to your processes, and implement a formal OSS strategy that balances business benefits and risk management. Integrate with build tools, CI/CD and SCM tools, artifact repositories, external repositories or build your own integrations using the FlexNet Code Insight REST API framework to make code scanning easy and effective. -
23
Seeker
Black Duck
Seeker® is an interactive application security testing (IAST) solution that provides unparalleled visibility into your web application's security posture. It identifies vulnerability trends against compliance standards such as OWASP Top 10, PCI DSS, GDPR, CAPEC, and CWE/SANS Top 25. Seeker enables security teams to track sensitive data, ensuring it is handled securely and not stored in log files or databases without proper encryption. Its seamless integration into DevOps CI/CD workflows allows for continuous application security testing and verification. Unlike other IAST solutions, Seeker not only identifies security vulnerabilities but also verifies their exploitability, providing developers with a prioritized list of confirmed issues to address. By employing patented methods, Seeker processes extensive HTTP(S) requests swiftly, reducing false positives to near zero and enhancing productivity while minimizing business risk. -
24
OWASP ZAP
OWASP
OWASP ZAP (Zed Attack Proxy) is a free, open-source penetration testing tool being maintained under the umbrella of the Open Web Application Security Project (OWASP). ZAP is designed specifically for testing web applications and is both flexible and extensible. At its core, ZAP is what is known as a “man-in-the-middle proxy.” It stands between the tester’s browser and the web application so that it can intercept and inspect messages sent between browser and web application, modify the contents if needed, and then forward those packets on to the destination. It can be used as a stand-alone application, and as a daemon process. ZAP provides functionality for a range of skill levels – from developers, to testers new to security testing, to security testing specialists. ZAP has versions for each major OS and Docker, so you are not tied to a single OS. Additional functionality is freely available from a variety of add-ons in the ZAP Marketplace, accessible from within the ZAP client. -
25
Akamai Guardicore Segmentation simplifies segmentation, reduce your attack surface and prevent lateral movement with fast and simple segmentation that works everywhere. Granular visibility and segmentation controls for Data Center, Cloud and Hybrid Cloud Environments. The Akamai Guardicore Segmentation Platform is the simplest and most intuitive way to visualize activity in data center and cloud environments, implement precise segmentation policies, protect against external threats, and detect possible breaches quickly. Akamai Guardicore Segmentation collects detailed information about an organization’s IT infrastructure through a mix of agent-based sensors, network-based data collectors, and virtual private cloud (VPC) flow logs from cloud providers. Relevant context is added to this information through a flexible and highly automated labeling process that includes integration with existing data sources like orchestration systems and configuration management databases.
-
26
Portworx
Pure Storage
Run Kubernetes in production with the #1 Kubernetes platform for persistent storage, backup, DR, data security and capacity management. Easily protect, restore and migrate your Kubernetes applications in any cloud or data center. The Portworx Enterprise Storage Platform is your end-to-end storage and data management solution for all your Kubernetes projects, including container-based CaaS, DBaaS, SaaS, and Disaster Recovery initiatives. Your apps will benefit from container-granular storage, disaster recovery, data security, multi-cloud migrations and more. Easily solve the enterprise requirements needed to run data service on Kubernetes. Effortlessly offer a cloud-like DbaaS to your users without giving up control. Scale the backend data services powering your SaaS app without operational complexity. Add DR to any Kubernetes app with a single command. Easily backup and restore all your Kubernetes applications. -
27
Centreon
Centreon
Centreon is a global provider of business-aware IT monitoring for always-on operations and performance excellence. The company’s holistic, AIOps-ready platform is designed for today’s complex, distributed hybrid cloud infrastructures. Centreon monitors the complete IT Infrastructure from Cloud-to-Edge for a clear and comprehensive view. Centreon removes blind spots, monitoring all equipment, middleware and applications that are part of modern IT workflows, from on-premise legacy assets to private and public cloud environments, all the way to the edge of the network, where smart devices and customers combine to create business value. Centreon is constantly current, able to support the most dynamic environments. With auto-discovery capabilities it can keep track of Software-Defined Network (SDN) elements, AWS or Azure cloud assets, Wi-Fi access points or any other component of today’s agile IT infrastructure. -
28
Keyfactor Command for IoT
Keyfactor
Keyfactor Command for IoT is a comprehensive identity management solution designed to secure IoT devices at scale. It automates the issuance, management, and lifecycle of IoT device certificates from manufacturing to end-of-life, ensuring each device remains trusted and secure throughout its lifespan. The platform offers centralized visibility to track and manage device identities, making it easier to maintain compliance, prevent security breaches, and reduce the risk of costly recalls. With features like automated provisioning, revocation, and integration with leading IoT platforms, Keyfactor Command for IoT simplifies device identity management across industries like automotive, healthcare, and manufacturing. -
29
Gurucul
Gurucul
Data science driven security controls to automate advanced threat detection, remediation and response. Gurucul’s Unified Security and Risk Analytics platform answers the question: Is anomalous behavior risky? This is our competitive advantage and why we’re different than everyone else in this space. We don’t waste your time with alerts on anomalous activity that isn’t risky. We use context to determine whether behavior is risky. Context is critical. Telling you what’s happening is not helpful. Telling you when something bad is happening is the Gurucul difference. That’s information you can act on. We put your data to work. We are the only security analytics company that can consume all your data out-of-the-box. We can ingest data from any source – SIEMs, CRMs, electronic medical records, identity and access management systems, end points – you name it, we ingest it into our enterprise risk engine. -
30
BMC Helix Remediate
BMC Software
Automated security vulnerability management for 14X faster remediation. BMC Helix Remediate uses advanced analytics and automation to quickly fix security vulnerabilities and manage compliance of on-premises and cloud infrastructure. Strengthen security, ensure compliance, improve productivity, and lower costs. Imports and analyzes data from vulnerability scanners, maps vulnerabilities to assets and patches, sets priorities, and automates corrective action. Provides real-time visibility into security vulnerabilities, missing patches, and misconfigured resources. Uses simplified patching for rapid remediation of security vulnerabilities both on premises and in the cloud. Leverages automation to ensure compliance with external regulations and internal organizational policies. Automates configuration testing and remediation for resources on AWS, Azure, and GCP to ensure cloud services and containers are managed consistently and securely.