Page 2 | Best IT Security Software for GitHub

Tyk

Tyk Technologies

Tyk is a leading Open Source API Gateway and Management Platform, featuring an API gateway, analytics, developer portal and dashboard. We power billions of transactions for thousands of innovative organisations. By making our capabilities easily accessible to developers, we make it fast, simple and low-risk for big enterprises to manage their APIs, adopt microservices and adopt GraphQL. Whether self-managed, cloud or a hybrid, our unique architecture and capabilities enable large, complex, global organisations to quickly deliver highly secure, highly regulated API-first applications and products that span multiple clouds and geographies.

1 Rating

Starting Price: $600/month

View Software

Bugfender

Beenario

Remote logger, crash reporter and in-app user feedback Bugfender is a log storage service for application developers. Bugfender collects everything happening in the application, even if it doesn’t crash, in order to reproduce and resolve bugs more effectively and provide better customer support. Bugfender respects your user's privacy, is battery and network efficient and keeps logging even if the device is offline. Track and destroy bugs before users even notice. Bugfender logs all bugs on all devices and sends the results in seconds - enabling you to find and fix bugs before your users even get an error message. Achieve 5-Star Ratings. Bugfender doesn’t just log bugs and crashes. It logs all the information you’ll ever need so you can build a clear picture of your users and earn those crucial five-star ratings. Deliver world-class customer service. Our logging tool enables you to target individual users and provide personalized customer support.

1 Rating

Starting Price: €29 per month

View Software

HackenProof

We are a web3 bug bounty platform since 2017. We help to set a clear scope (or you can do it by yourself), agree on a budget for valid bugs (platform subscription is free), and make recommendations based on your company`s needs. We launch your program and reach out to our committed crowd of hackers, attracting top talent to your bounty program by with consistent and coordinated attention. Our community of hackers starts searching for vulnerabilities. Vulnerabilities are submitted and managed via our Coordination platform. Reports are reviewed and triaged by the HackenProof team (or by yourself), and then passed on to your security team for fixing. Depending on preference, you can choose to publicly disclose any reports, once the issues are resolved. We connect business with a community of hackers from different parts of the globe.

1 Rating

Starting Price: $0 per month

View Software

Nucleus

Nucleus is redefining the vulnerability management software category as the single source of record for all assets, vulnerabilities, and associated data. We unlock the value you’re not getting from existing tools and place you squarely on the path to program maturity by unifying the people, processes, and technology involved in vulnerability management. With Nucleus, you receive unmatched visibility into your program and a suite of tools with functionality that simply can’t be replicated in any other way. Nucleus is the single shift-left tool that unifies development and security operations. It unlocks the value you’re not getting out of your existing tools and puts you on the path to unifying the people, processes, and technology involved in addressing vulnerabilities and code weaknesses. With Nucleus, you’ll get unmatched pipeline integration, tracking, triage, automation and reporting capabilities and a suite of tools with functionality.

1 Rating

Starting Price: $10 per user per year

View Software

Mend.io

Trusted by the world's leading companies, including IBM, Google, and Capital One, Mend.io's enterprise suite of application security tools is designed to help you build and manage a mature, proactive AppSec program. Mend.io understands the different AppSec requirements of developers and security teams. Unlike other AppSec solutions that force everyone to use a single tool, Mend.io helps them work in harmony by giving each team different, but complementary, tools - enabling them to stop chasing vulnerabilities and start proactively managing application risk.

1 Rating

Starting Price: $1,000 per developer, per year

View Software

Acunetix

Invicti Security

As the market leader in automated web application security testing, Acunetix by Invicti is the go-to security tool for Fortune 500 companies. DevSecOps teams can cut through the noise to uncover unseen risks and mitigate dangerous exploits, detecting and reporting on a wide array of vulnerabilities. With an industry-leading crawler that fully supports HTML5, JavaScript, and Single-page applications, Acunetix enables the auditing of complex, authenticated applications for deeper insight into an organization's risk posture. It's a leader for a reason: the technology behind Acunetix delivers the only product on the market that can automatically detect out-of-band vulnerabilities to enable comprehensive management, prioritization, and control for vulnerability threats by criticality. Plus, it's available both online and as an on-prem solution, integrating with popular issue trackers and WAFs so that DevSecOps teams don't have to slow down when building innovative apps.

1 Rating

View Software

Jit

DevOps ain’t easy! We are hearing more and more about the breakdown and friction where Dev meets Ops, so let’s not even talk about all the other shift-left domains that add another layer of complexity in the middle like DevSecOps. Where this comes with the need to implement and integrate dozens of security tools in their SDLC. But what if it doesn’t have to be difficult? Jit's DevSecOps Orchestration Platform allows high-velocity Engineering teams to own product security while increasing dev velocity. With a unified and friendly developer experience, we envision a world where every cloud application is born with Minimal Viable Security (MVS) embedded and iteratively improves by adding Continuous Security into CI/CD/CS.

1 Rating

View Software

Xygeni

Xygeni Security

Secure your Software Development and Delivery! Xygeni specializes in Application Security Posture Management (ASPM), using deep contextual insights to effectively prioritize and manage security risks while minimizing noise and overwhelming alerts. Our innovative technologies automatically detect malicious code in real-time upon new and updated components publication, immediately notifying customers and quarantining affected components to prevent potential breaches. With extensive coverage spanning the entire Software Supply Chain—including Open Source components, CI/CD processes and infrastructure, Anomaly detection, Secret leakage, Infrastructure as Code (IaC), and Container security—Xygeni ensures robust protection for your software applications. Trust Xygeni Security to protect your operations and empower your team to build and deliver with integrity and security.

1 Rating

View Software

Backslash Security

Backslash

Ensure the security of your code and open sources. Identify externally reachable data flows and vulnerabilities for effective risk mitigation. By identifying genuine attack paths to reachable code, we enable you to fix only the code and open-source software that is truly in use and reachable. Avoid unnecessary overloading of development teams with irrelevant vulnerabilities. Prioritize risk mitigation efforts more effectively, ensuring a focused and efficient security approach. Reduce the noise CSPM, CNAPP, and other runtime tools create by removing unreachable packages before running your applications. Meticulously analyze your software components and dependencies, identifying any known vulnerabilities or outdated libraries that could pose a threat. Backslash analyzes both direct and transitive packages, ensuring 100% reachability coverage. It outperforms existing tools that solely focus on direct packages, accounting for only 11% of packages.

1 Rating

View Software

PureAUTH

PureID

Eliminate passwords and associated risks from your enterprise with PureAUTH. PureAUTH offers unmatched benefits over any other enterprise multi-factor authentication solution out there. Simple to deploy, easy to integrate & smooth to use. Secure and breach resilient technology. Reduce cost & overheads of compliance/governance. With a new breach every day, enterprises are becoming more aware of risk and inconvenience of passwords. Many enterprises are considering going passwordless. PureAUTH gives uniform & frictionless authentication experience across all the enterprise resources. Corporate networks, AWS, Azure, Google Cloud platform. Enterprise applications with or without SSO, on premise or cloud. Web Applications, Executive dashboards, IoT and industrial systems console. Every enterprise is different so are their authentication needs. PureAUTH provides seamless integrations with enterprise resources across multiple clouds, on premise and also in a hybrid environment.

1 Rating

View Software

RevealSecurity

Reveal Security ITDR detects identity threats in and across SaaS applications and cloud services – post authentication. The solution uses a patented unsupervised machine learning algorithm to continuously monitor and validate the behavior of human and machine identities to quickly and accurately alert on suspicious activity. Organizations can protect against account takeover attacks, insider threats, and third party/supply chain risk, after the point of login, without the need for creating rules which are noisy, expensive and also require you to know what you are looking for.

1 Rating

View Software

SolarWinds Loggly

SolarWinds

SolarWinds® Loggly® is a cost-effective, hosted, and scalable full-stack, multi-source log management solution combining powerful search and analytics with comprehensive alerting, dashboarding, and reporting to proactively identify problems and significantly reduce Mean Time to Repair (MTTR). LOGGLY AT A GLANCE » Full-stack, multi-source log aggregation, log monitoring, and data analytics » Log analytics show events in context, highlight patterns, and detect anomalies for deeper insights » Highly scalable to ingest massive data volumes and help enable quick searching across large and complex environments » Spot usage patterns with application, service, and infrastructure-aligned historical analysis of user, log, and infrastructure data » Manage by exception by identifying variations from normal with powerful log formatting and analytic search capabilities

Starting Price: Free

View Software

SecureStack

With triggers in your CI/CD pipeline, SecureStack can check for common security issues and stop those issues from getting into your applications. SecureStack embeds security automatically with every git push. We built our technology to test every facet of your application security looking for things like missing security controls, are you using encryption correctly; we test the efficacy of your WAF and are your cloud-native components secure and more than 250 other data points. All of that was delivered in less than 60 seconds. See what a hacker can see when they view your applications. Test and compare your development, staging and production environments to quickly find critical differences and understand ways to fix high-priority defects. We help you decompose your web application so you are aware of all the resources your app is using behind the scenes.

Starting Price: $500/mo

View Software

Appdome

Appdome changes the way people build mobile apps. Appdome’s industry defining no-code mobile solutions platform uses a patented, artificial-intelligence coding technology to power a self-serve, user-friendly service that anyone can use to build new security, authentication, access, enterprise mobility, mobile threat, analytics and more into any Android and iOS app instantly. There are over 25,000 unique combinations of mobile features, kits, vendors, standards, SDKs and APIs available on Appdome. Over 200+ leading financial, healthcare, government, and m-commerce providers use Appdome to consistently deliver richer and safer mobile experiences to millions of mobile end users, eliminating complex development and accelerating mobile app lifecycles.

Starting Price: $0

View Software

Applivery

Applivery is the most powerful Unified Endpoint Management (UEM) platform that provides full control over App Distribution and Device Management for Android, Windows, and Apple. Its easy-to-use, cloud-based Mobile Device Management (MDM) solution enables efficient remote management with top-notch security. It seamlessly integrates into organizations of all sizes, requiring only a few minutes to set up.

Starting Price: €2/device

View Software

YAG-Suite

YAGAAN

The YAG-Suite is a French made innovative tool which brings SAST one step beyond. Based on static analysis and machine learning, YAGAAN offers customers more than a source code scanner : it offers a smart suite of tools to support application security audits as well as security and privacy by design DevSecOps processes. Beyond classic vulnerability detection, the YAG-Suite focuses the team attention on the problems that really matter in their business context, it supports developers in their understanding of the vulnerability causes and impacts. Its contextual remediation support them in fixing efficiently the problems while improving their secure coding skills. Additionally, YAG-Suite's unprecedented 'code mining' support security investigations of an unknown application with mapping all relevant code features and security mechanisms and offers querying capabilities to search for 0-days or non automatically detectable risks. PHP, Java and Python are supported. JS, C/C++ coming soon

Starting Price: From €500/token or €150/mo

View Software

Apozy Airlock

Apozy

Apozy Airlock. The browser endpoint detection and response platform that neutralizes web attacks in one click. The Internet is a dangerous place. It doesn’t have to be. Airlock fills the gap in your EPP/EDR by protecting the browser, delivering a safe, clean, and lightning-fast internet experience. Powered by the very first visually-aware native browser isolation platform with over 6 petabytes of visual data, Airlock prevents web attacks in real time. Airlock stops spearfishing in its tracks. With a visual model database of over 67.83 billion pages which analyzes over 12.20 trillion links per year, our technology protects anyone clicking on a malicious link by sandboxing the threat.

Starting Price: $9/month/user

View Software

Observe

Observe – the AI-powered observability company – is reinventing how businesses detect anomalies, troubleshoot applications, and resolve incidents to deliver exceptional customer experiences. Only Observe eliminates silos of logs, metrics, and traces by storing all data in a single, cost-efficient data lake, analyzing all telemetry data using a single language, and providing access through a single, consistent, user interface. Observe’s AI-Powered Observability enables companies to resolve software incidents three times faster at one-third the cost. Customers such as Capital One, Dialpad AI, Top Golf and more trust Observe to turn their data into actionable insights.

Starting Price: $0.35 Per GiB

View Software

SyncTree

Ntuple

SyncTree strives to be a "Super Connecting Platform" that can easily connect any services you want. With SyncTree, which consists of SyncTree STUDIO, a solution for building backend business logic with block coding, and Block Store, a platform for buying and selling pre-made backend function blocks like App Store, you can organically utilize data and connect services to achieve unlimited service expansion. Based on aPaaS, Block Store provides APIs from various services such as ChatGPT, DALLE, YouTube, etc. in the form of 'backend function blocks', which you can subscribe to and then combine as you want quickly in SyncTree STUDIO to build your business logic. SyncTree is for everyone, whether you're an individual or a business, and you can subscribe and use it according to your needs, from the free version to the PRO version.

Starting Price: Free/1Month/3,000 Call

View Software

Strobes RBVM

Strobes Security

Strobes RBVM simplifies vulnerability management with its all-in-one platform, streamlining the process of identifying, prioritizing, and mitigating vulnerability risks across various attack vectors. Through seamless automation, integration, and comprehensive reporting, organizations can proactively enhance their cybersecurity posture. Integrate multiple security scanners, threat intel, & IT ops tools to aggregate thousands of vulnerabilities but only end up patching the most important ones by using our advanced prioritization techniques. Strobes Risk Based Vulnerability Management software goes beyond the capabilities of a standalone vulnerability scanner by aggregating from multiple sources, correlating with threat intel data and prioritising issues automatically. Being vendor agnostic we currently support 50+ vendors to give you an extensive view of your vulnerability landscape within Strobes itself.

Starting Price: $999

View Software

Contrast Security

Modern software development must match the speed of the business. But the modern AppSec tool soup lacks integration and creates complexity that slows software development life cycles. Contrast simplifies the complexity that impedes today’s development teams. Legacy AppSec employs a one-size-fits-all vulnerability detection and remediation approach that is inefficient and costly. Contrast automatically applies the best analysis and remediation technique, dramatically improving efficiencies and efficacy. Separate AppSec tools create silos that obfuscate the gathering of actionable intelligence across the application attack surface. Contrast delivers centralized observability that is critical to managing risks and capitalizing on operational efﬁciencies, both for security and development teams. Contrast Scan is pipeline native and delivers the speed, accuracy, and integration demanded by modern software development.

Starting Price: $0

View Software

Accelario

Take the load off of DevOps and eliminate privacy concerns by giving your teams full data autonomy and independence via an easy-to-use self-service portal. Simplify access, eliminate data roadblocks and speed up provisioning for dev, testing, data analysts and more. Accelario Continuous DataOps Platform is a one-stop-shop for handling all of your data needs. Eliminate DevOps bottlenecks and give your teams the high-quality, privacy-compliant data they need. The platform’s four distinct modules are available as stand-alone solutions or as a holistic, comprehensive DataOps management platform. Existing data provisioning solutions can’t keep up with agile demands for continuous, independent access to fresh, privacy-compliant data in autonomous environments. Teams can meet agile demands for fast, frequent deliveries with a comprehensive, one-stop-shop for self-provisioning privacy-compliant high-quality data in their very own environments.

Starting Price: $0 Free Forever Up to 10GB

View Software

Sn1per Professional

Sn1perSecurity

Sn1per Professional is an all-in-one offensive security platform that provides a comprehensive view of your internal and external attack surface and offers an asset risk scoring system to prioritize, reduce, and manage risk. With Sn1per Professional, you can discover the attack surface and continuously monitor it for changes. It integrates with the leading open source and commercial security testing tools for a unified view of your data. + Discover hidden assets and vulnerabilities in your environment. + Integrate with the leading commercial and open source security scanners to check for the latest CVEs and vulnerabilities in your environment. + Save time by automating the execution of open source and commercial security tools to discover vulnerabilities across your entire attack surface. + Discover and prioritize risks in your organization. Get an attacker's view of your organization today with Sn1per Professional!

Starting Price: $984/user

View Software

SOOS

Industry-low pricing for SCA, DAST and SBOM management. SOOS SCA gives you everything you need in an SCA solution for one low price. SOOS DAST integrates into your build pipeline and consolidates DAST test results with SCA vulnerability scans in a single powerful web dashboard. Assembling a comprehensive SBOM from third party software or open source components is easy with SOOS SBOM Manager. Ingest, manage, and continually monitor third party SBOMs. Add SBOMs generated by your in house software developers using SOOS SCA. Use our API to access any of our 54M+ open source SBOMs. SOOS makes it easy to comply with government SBOM regulations and mandates.

Starting Price: $0 per month

View Software

Strong Network

Strong Network allows the management of containers for DevOps online (as opposed to locally on developers laptop) and access them through a cloud IDE or a SSH connection (in the case of a local IDE). These containers provide a complete management of access keys and credentials to multiple types of resources, in addition to providing data loss prevention (DLP). In addition we combine the IDE with a secure chrome browser (remote browser isolation) such that any third party applications for DevOps can be accessed with DLP. This platform is a complete replacement for VDI/DaaS for code development. Our platform allows the provisioning and management of containers for development online (as opposed to locally on developers' laptops, using a solution like docker desktop for example) and enables accessing them through a cloud IDE or a SSH connection (in the case of a local IDE).

Starting Price: $39

View Software

Axonius

Axonius gives customers the confidence to control complexity by providing a system of record for all digital infrastructure. With a comprehensive understanding of all assets including devices, identities, software, SaaS applications, vulnerabilities, security controls, and the context between all assets, customers are able to mitigate threats, navigate risk, decrease incident response time, automate action, and inform business-level strategy — all while eliminating manual, repetitive tasks. Recognized as creators of the Cyber Asset Attack Surface Management (CAASM) category and innovators in SaaS Management Platform (SMP) and SaaS Security Posture Management (SSPM), Axonius is deployed in minutes and integrates with hundreds of data sources to provide a comprehensive asset inventory, uncover gaps, and automatically enforce policies and automate action.

View Software

Reshift

Reshift Security

The ultimate tool to help Node.js developers secure their custom code. Developers are 4x more likely to fix issues before code is checked in. Reshift makes shifting security left seamless with security bug detection and remediation at compile time. A security tool that works with your developers, without slowing them down. Reshift integrates with the developers’ IDE so security issues are found in real-time and fixed before the code is merged. New to security? Reshift makes it easy to build code security into your pipeline for the first time. A tool built for growing software companies looking to level up their security. Not a security expert? Reshift is made for SMB’s, making it easy to set up with no need for security expertise. Improve code security, while learning about secure code.Reshift provides rich content and best practices, so developers learn about security while writing code.

Starting Price: $99 per month

View Software

JupiterOne

JupiterOne is a cyber asset analysis platform every modern security team needs to collect and transform asset data into actionable insights to secure their attack surface. JupiterOne was created to make security as simple as asking a question and getting the right answer back, with context, to make the right decision. With JupiterOne, organizations are able to see all asset data in a single place, improve confidence in choosing their priorities and optimize the deployment of their existing security infrastructure.

Starting Price: $2000 per month

View Software

Ping Identity

Ping Identity builds identity security for the global enterprise with an intelligent identity platform that offers comprehensive capabilities including single sign-on (SSO), multi-factor authentication (MFA), directory, and more. Ping helps enterprises balance security and user experience for workforce, customer, and partner identity types with a variety of cloud deployment options including identity-as-a-service (IDaaS), containerized software, and more. Ping has solutions for both IT and developer teams. Enable digital collaboration with simple integrations to these popular tools. Support your employees wherever they are with integrations to these popular tools. Deploy quickly with interoperability across the entire identity ecosystem. Whether you just want single sign-on (SSO) or a risk-based, adaptive authentication authority, starting off with a PingOne solution package lets you only pay for what you need, and gives you room to grow.

Starting Price: $5 per user per month

View Software

BluBracket Code Security Suite

BluBracket

The first comprehensive security solution for code in the enterprise. Software is more valuable than ever. It’s also more collaborative, open and complex—making it a threat to corporate security. BluBracket gives companies visibility into where source code introduces security risk while also enabling them to fully secure their code—without altering developer workflows or productivity. You can’t secure what you can’t see, and today’s collaborative coding tools equals code proliferation that companies have no visibility into. BluBracket gives companies a BluPrint of their code environments so they know where their code is and who has access to it, both inside and outside the organization. And most importantly, with one click you can classify the most important code, so you can show a detailed chain of custody for any audit or compliance needs.

Starting Price: $2500 per month

View Software

Best IT Security Software for GitHub - Page 2

Compare the Top IT Security Software that integrates with GitHub as of June 2025 - Page 2