Best IT Security Software for GitHub - Page 4
View:
Compare the Top IT Security Software that integrates with GitHub as of November 2025 - Page 4
Sort By:
This a list of IT Security software that integrates with GitHub. Use the filters on the left to add additional filters for products that have integrations with GitHub. View the products that work with GitHub in the table below.
-
1
Aserto
Aserto
Aserto helps developers build secure applications. It makes it easy to add fine-grained, policy-based, real-time access control to your applications and APIs. Aserto handles all the heavy lifting required to achieve secure, scalable, high-performance access management. It offers blazing-fast authorization of a local library coupled with a centralized control plane for managing policies, user attributes, relationship data, and decision logs. And it comes with everything you need to implement RBAC or fine-grained authorization models, such as ABAC, and ReBAC. Take a look at our open-source projects: - Topaz.sh: a standalone authorizer you can deploy in your environment to add fine-grained access control to your applications. Topaz lets you combine OPA policies with Zanzibar’s data model for complete flexibility. - OpenPolicyContainers.com (OPCR) secures OPA policies across the lifecycle by adding the ability to tag, verStarting Price: $0 -
2
Phoenix Security
Phoenix Security
Phoenix Security enables security, developers, and businesses to all talk the same language. We help security professionals focus on the vulnerabilities that matter most across cloud, infrastructure, and application security. Laser focuses on the 10% of vulnerabilities that matter today, and reduces risk faster with prioritized contextualized vulnerabilities. Threat intelligence automatically in the risk improves efficiency enabling fast reaction. Threat intelligence automatically in the risk improves efficiency enabling fast reaction. Aggregate, correlate and contextualize multiple security tools and data sources, providing your business with unprecedented visibility. Break down the silos between application security, operational security, and the business.Starting Price: $3,782.98 per month -
3
Pagerly
Pagerly
At Pagerly, we understand the unique needs of your organization. Our platform offers extensive customization options to tailor the incident management process to your specific requirements. You don't need to introduce another tool with Pagerly working with your already tech stack. Easily manage all requests and incidents without any window switching and benefit from all Slack collaboration features. Update the team's channel topic with the current oncall whenever oncall changes. You can easily view and monitor the status, progress, and resolution time of these tickets, ensuring prompt action and preventing any potential breaches.Starting Price: $15 per month -
4
Betterscan.io
Betterscan.io
Reduce MTTD & MTTR with full coverage within minutes of using. Full DevSecOps toolchain across your all environments, implementing and collecting evidence as part of your continuous security. Unified and de-duplicated across all the layers we orchestrate. One line to add several thousand checks + AI. It was built with security in mind, and we have avoided common security mistakes and pitfalls. Understands modern technologies. All are callable via REST API. Integrateable with CI/CD systems, lightweight and fast. You can self-host it for 100% code control and transparency, or run source available binary only in your own CI/CD. Use a source-available solution for complete control and transparency. Trivial setup, no software installation, compatible with many programming languages. Detects more than several thousand code and infrastructure issues and counting. You can review the issues, mark them as false positives, and collaborate on issues.Starting Price: €499 one-time payment -
5
Seal Security
Seal Security
Redefine open source vulnerability and patch management with Seal Security. Easy integration directly into your existing SDLC, and workflows. Standalone security patches for immediate resolution of critical security issues. Predictable remediation and optimal resource allocation, with centralized control and reduced R&D dependency. Streamline your open source vulnerability remediation without introducing the risk of breaking changes. Say goodbye to alert fatigue and start patching with Seal Security. Pass every product security scan with confidence. Seal Security provides immediate remediation for open source vulnerabilities. By meeting your customers' SLAs and offering a vulnerability-free product, you can ensure customer trust and fortify your market standing. Seal Security seamlessly integrates with various coding languages, patch management systems, and open source platforms through powerful APIs and CLI.Starting Price: Free -
6
Ostorlab
Ostorlab
Uncover your organization's vulnerabilities with ease using Ostorlab. It goes beyond subdomain enumeration, accessing mobile stores, public registries, crawling targets, and analytics to provide a comprehensive view of your external posture. With a few clicks, gain valuable insights to strengthen security and protect against potential threats. From insecure injection and outdated dependencies to hardcoded secrets and weak cryptography, Ostorlab automates security assessments and identifies privacy issues. Ostorlab empowers security and developer teams to analyze and remediate vulnerabilities efficiently. Experience hands-off security with Ostorlab's continuous scanning feature. Automatically trigger scans on new releases, saving you time and effort while ensuring continuous protection. Access intercepted traffic, file system, function invocation, and decompiled source code with ease using Ostorlab. See what attackers see and save hours of manual tooling and grouping of outputs.Starting Price: $365 per month -
7
esChecker
eShard
With esChecker, fasten your release cycles, dramatically reduce testing and delivery costs, and mitigate risks. Don't compromise your digitalization, leverage your mobile application security with automated testing within your CI/CD process. With a unique dynamic analysis feature, esChecker automatically executes the mobile application binary on unsafe devices and gives immediate feedback on your protections. Like any other IT system component, mobile apps must be designed, developed, and maintained with security in mind. They are the entry point to the system and require special attention. Compared to pentesting, a MAST tool enables a shorter, quicker, and more efficient security testing process to better control the application's code as it progresses. It’s about code verification integrated into a development cycle and it gives immediate feedback, allows compliance, and can be integrated into a DevSecOps process.Starting Price: Free -
8
GitHub Advanced Security for Azure DevOps is an application security testing service that is native to the developer workflow. It empowers Developer, Security, and Operations (DevSecOps) teams to prioritize innovation and enhance developer security without sacrificing productivity. Detect and prevent secret leaks from your application development processes with secret scanning. Take advantage of a partner program of more than 100 service providers and scanning for more than 200 token types. Adopt secret scanning quickly and easily without the need for additional tooling via the Azure DevOps UI. Protect your software supply chain by identifying any vulnerable open source components you may be using with dependency scanning. Get straightforward guidance on how to update component references so you can fix issues in minutes.Starting Price: $2 per GiB
-
9
StepSecurity
StepSecurity
If you are using GitHub Actions for CI/CD and are worried about the security of CI/CD pipelines, StepSecurity platform is for you. Implement network egress control and CI/CD infrastructure security for GitHub Actions runners. Discover CI/CD risks and GitHub Actions security misconfiguration. Standardize GitHub Actions CI/CD pipeline as code files by automated pull requests. Provides runtime security to help you prevent SolarWinds and Codecov CI/CD security attacks by blocking egress traffic with an allowlist. Instant contextualized insight into network and file events for all workflow runs. Control network egress traffic with granular job-level and default cluster-wide policies. Many GitHub Actions are not maintained and are risky. Enterprises fork such Actions, but ongoing maintenance is expensive. By offloading the tasks of reviewing, forking, and maintaining Actions to StepSecurity, enterprises can realize substantial risk reduction and time savings.Starting Price: $1,600 per month -
10
RunReveal
RunReveal
We questioned every assumption about SIEM and rebuilt it from the ground up. The result is a faster, cheaper, and higher fidelity security data platform designed to detect threats like never before. Attackers are not using sophisticated techniques to compromise your systems. They are logging into legitimate accounts and using them to move laterally. Detecting these compromises is hard for even the most sophisticated teams. RunReveal collects all of your logs, filters out the noise, and tells you about the things that are happening in your systems that really matter. Whether you have petabytes or gigabytes, RunReveal can correlate threats across all of your log sources and deliver high-quality alerts out of the box. We've invested in security controls that give us a strong foundational security program. Our philosophy is that by improving our security posture, it allows us to understand our customers even better.Starting Price: $200 per month -
11
Aftra
Aftra
Gain valuable insights, protect sensitive data, and strengthen your defenses with our automated scanning, monitoring, and continuous vulnerability detection. Aftra provides the insight; you steer the course. Safeguard your reputation, trust, and assets. Aftra illuminates what needs protection. Aftra is your ally in the fight against cyber threats. Proactive, insightful, and empowering. Aftra empowers you with insights and tools to secure your digital assets, so you can make informed decisions and bolster your defenses with confidence. Aftra offers a comprehensive view of both internal and external digital assets, providing invaluable insights for making informed security decisions. Aftra identifies both known and unknown domains and accounts associated with your organization. Aftra actively suggests domains and accounts that may belong to your organization. Aftra reveals the services and accounts used by your company and identifies employee digital footprints on third-party platforms. -
12
Pynt
Pynt
Pynt is an innovative API Security Testing platform exposing verified API threats through simulated attacks. We help hundreds of companies such as Telefonica, Sage, Halodoc, and more, to continuously monitor, classify and attack poorly secured APIs, before hackers do. Pynt's leverages an integrated shift-left approach, and unique hack technology using home-grown attack scenarios, to detect real threats, discover APIs, suggest fixes to verified vulnerabilities, thereby eliminating the API attack surface risk. Thousands of companies rely on Pynt to secure the no. 1 attack surface - APIs, as part of their AppSec strategy.Starting Price: $1888/month -
13
Resmo
Resmo
All-in-one platform for SaaS app and access management for modern IT teams. Streamline app discovery, identity security, user offboarding, access reviews, and cost tracking. Actively scan and notify for vulnerabilities with 100+ native integrations with your favorite tools. Review identity access permissions, OAuth risks, and SSO logins. Uncover shared accounts, weak passwords, excessive permissions, externally shared files, and more. Let them use the SaaS they need to get their job done quickly. Lift the burden of security checks on your IT and security teams with automation. Offboard employees securely with no dormant accounts left behind. We empower your team to take ownership of security without any roadblocks, ensuring a seamless and secure workflow. Get accurate visibility over the apps your employees login with their business accounts. Empower your workforce with SaaS adoption while maintaining control over your SaaS security posture.Starting Price: $2 per month -
14
Gecko Security
Gecko Security
Gecko makes it possible to find 0 days that previously only humans could find. We are on a mission to automate hacker intuition and build the next generation of security tooling. Gecko is an AI-powered security engineer that finds and fixes vulnerabilities in your codebase. Gecko tests your code like a hacker and finds logical vulnerabilities that slip past other tools. Findings are verified in a secure sandbox, minimizing false positives. Gecko integrates into your environment and catches vulnerabilities as they emerge. Secure the code you ship without slowing down development. Vulnerabilities are verified and prioritized. No noise, only actual risk. Gecko creates targeted attack scenarios to test your code like a hacker. No more wasting engineering time and cost on patching vulnerabilities. Connect your existing SAST tools and integrate them into your security stack. Our optimized testing can complete comprehensive pentests in hours.Starting Price: Free -
15
ZITADEL
ZITADEL
ZITADEL is an open-source identity and access management platform designed to simplify authentication and authorization for applications. It offers a comprehensive suite of features, including customizable hosted login pages, support for modern authentication methods such as Single Sign-On (SSO) and social logins, and enforcement of multifactor authentication to enhance security. Developers can integrate authentication directly into their applications using ZITADEL's APIs or build dedicated login interfaces. The platform supports role-based access control, allowing for precise permission assignments based on user roles, and is inherently multi-tenant, facilitating easy extension of applications to new organizations. ZITADEL's extensibility enables seamless adaptation to various workflows, user management processes, and brand guidelines, with features like ZITADEL Actions that execute workflows after predefined events without the need for additional code deployment.Starting Price: $100 per month -
16
Trivy
Aqua Security
Trivy is a comprehensive and versatile security scanner. Trivy has scanners that look for security issues, and targets where it can find those issues. Trivy supports the most popular programming languages, operating systems, and platforms. Trivy is available in the most common distribution channels. Trivy is integrated with many popular platforms and applications. Trivy is integrated into many popular tools and applications so that you can easily add security to your workflow. Find vulnerabilities, misconfigurations, secrets, and SBOM in containers, Kubernetes, code repositories, clouds, and more.Starting Price: Free -
17
Docker Scout
Docker
Container images consist of layers and software packages, which are susceptible to vulnerabilities. These vulnerabilities can compromise the security of containers and applications. Docker Scout is a solution for proactively enhancing your software supply chain security. By analyzing your images, Docker Scout compiles an inventory of components, also known as a Software Bill of Materials (SBOM). The SBOM is matched against a continuously updated vulnerability database to pinpoint security weaknesses. Docker Scout is a standalone service and platform that you can interact with using Docker Desktop, Docker Hub, the Docker CLI, and the Docker Scout Dashboard. Docker Scout also facilitates integrations with third-party systems, such as container registries and CI platforms. Reveal and dig into the composition of your images. Ensure that your artifacts align with supply chain best practices.Starting Price: $5 per month -
18
Auth.js
Auth.js
Auth.js is an open-source authentication library designed to integrate seamlessly with modern JavaScript frameworks, providing a flexible and secure authentication experience. It supports various authentication methods, including OAuth (e.g., Google, GitHub), credentials, and WebAuthn, allowing developers to choose the most suitable approach for their applications. Auth.js is compatible with multiple frameworks, such as Next.js, SvelteKit, Express, Qwik, and SolidStart, enabling developers to implement authentication across different platforms. The library offers built-in support for popular databases like Prisma, Drizzle ORM, Supabase, Firebase, and TypeORM, facilitating user data management. Security features include signed cookies, CSRF token validation, and encrypted JSON Web Tokens (JWTs), ensuring robust protection for user data. Auth.js is designed to operate efficiently in serverless environments and provides comprehensive documentation and examples.Starting Price: Free -
19
GitHub Advanced Security
GitHub
With AI-powered remediation, static analysis, secret scanning, and software composition analysis, GitHub Advanced Security helps developers and security teams work together to eliminate security debt and keep new vulnerabilities out of code. Code scanning with Copilot Autofix detects vulnerabilities, provides contextual explanations, and suggests fixes in the pull request and for historical alerts. Solve your backlog of application security debt. Security campaigns target and generate autofixes for up to 1,000 alerts at a time, rapidly reducing the risk of application vulnerabilities and zero-day attacks. Secret scanning with push protection guards over 200 token types and patterns from more than 150 service providers, even elusive secrets like passwords and PII. Powered by security experts and a global community of more than 100 million developers, GitHub Advanced Security provides the insights and automation you need to ship more secure software on schedule.Starting Price: $49 per month per user -
20
Zoho Directory
Zoho
Zoho Directory is a cloud-based identity and access management platform designed to streamline authentication, authorization, and user management for organizations. It offers Single Sign-On (SSO) capabilities, allowing employees to access multiple applications with a single set of credentials, thereby enhancing security and user convenience. The platform supports Multi-Factor Authentication (MFA), adding an extra layer of protection against unauthorized access. Device authentication ensures secure access to both applications and devices, enabling employees to use the same credentials across platforms. Zoho Directory also provides robust provisioning features, allowing IT administrators to create and manage user profiles across various applications directly from the platform, reducing the time spent on repetitive tasks. Integration with existing directories, such as Microsoft Active Directory and Azure AD, is facilitated through directory stores.Starting Price: $1.70/user/month -
21
authentik
authentik
authentik is an open source identity provider that unifies your identity needs into a single platform, replacing Okta, Active Directory, and Auth0. Authentik Security is a public benefit company that is building on top of the open-source project. Using a self-hosted, open-source identity provider means prioritizing security and taking control of your most sensitive data. With authentik, you no longer need to continually place your trust in a third-party service. Adopt authentik to your environment, regardless of your requirements. Use our APIs and fully customizable policies to automate any workflow. Simplify deployment and scaling with prebuilt templates and support for Kubernetes, Terraform, and Docker Compose. No need to rely on a third-party service for critical infrastructure or expose your sensitive data to the public internet. Use our pre-built workflows, or customize every step of authentication through configurable templates, infrastructure as code, and comprehensive APIs.Starting Price: $0.02 per month -
22
ZeroThreat.ai
ZeroThreat Inc.
ZeroThreat.ai is an automated penetration testing and vulnerability scanning platform designed to secure web applications and APIs. It detects, prioritizes, and helps mitigate over 40,000+ vulnerabilities, including OWASP Top 10 and CWE Top 25 issues such as logic flaws, misconfigurations, and data leaks. With near-zero false positives and AI-generated remediation reports, ZeroThreat.ai enables security and development teams to identify and fix vulnerabilities up to 10x faster. It integrates seamlessly with CI/CD pipelines, Slack, and Microsoft Teams for continuous testing and real-time alerts. Built for startups and enterprises alike, ZeroThreat.ai delivers speed, accuracy, and scalability, ensuring secure releases and continuous protection against evolving threats.Starting Price: $100/Target -
23
ClearVector
ClearVector
ClearVector is an identity-driven security platform designed to provide real-time detection, investigation, and containment of threats across cloud-native environments. It offers instant notifications of risky activity with the ability to stop and isolate incidents with a single click, enabling rapid decision-making and accountability. ClearVector allows users to investigate incidents by identifying who made changes and why, applying existing incident response knowledge to AWS or GCP environments. ClearVector extends its identity-driven security framework into AWS S3 buckets through its bucket intelligence capability, offering real-time identity attribution for all bucket operations, detailed metrics, and rapid detection of suspicious activities. It also supports deployment directly within AWS environments via ClearVector Private SaaS, ensuring complete data isolation and compliance with data sovereignty requirements.Starting Price: $500 per month -
24
Constellation
Edgeless Systems
Constellation is a CNCF-certified Kubernetes distribution that leverages confidential computing to encrypt and isolate entire clusters, protecting data at rest, in transit, and during processing, by running control and worker planes within hardware-enforced trusted execution environments. It ensures workload integrity through cryptographic certificates and supply-chain security mechanisms (SLSA Level 3, sigstore-based signing), passes Center for Internet Security Kubernetes benchmarks, and uses Cilium with WireGuard for granular eBPF traffic control and end-to-end encryption. Designed for high availability and autoscaling, Constellation delivers near-native performance on all major clouds and supports rapid setup via a simple CLI and kubeadm interface. It implements Kubernetes security updates within 24 hours, offers hardware-backed attestation and reproducible builds, and integrates seamlessly with existing DevOps tools through standard APIs.Starting Price: Free -
25
Dash0
Dash0
Dash0 is an OpenTelemetry-native observability platform that unifies metrics, logs, traces, and resources into one intuitive interface, enabling fast and context-rich monitoring without vendor lock-in. It centralizes Prometheus and OpenTelemetry metrics, supports powerful filtering of high-cardinality attributes, and provides heatmap drilldowns and detailed trace views to pinpoint errors and bottlenecks in real time. Users benefit from fully customizable dashboards built on Perses, with support for code-based configuration and Grafana import, plus seamless integration with predefined alerts, checks, and PromQL queries. Dash0's AI-enhanced tools, such as Log AI for automated severity inference and pattern extraction, enrich telemetry data without requiring users to even notice that AI is working behind the scenes. These AI capabilities power features like log classification, grouping, inferred severity tagging, and streamlined triage workflows through the SIFT framework.Starting Price: $0.20 per month -
26
ByteHide
ByteHide
ByteHide is an all-in-one, developer-first application security platform designed to protect code, secrets, data, and runtime environments, while minimizing your dependencies and risk. It integrates seamlessly with your development workflows and communication tools, delivering key security insights and alerts without disrupting productivity. Operating under a zero-knowledge model, ByteHide uses client-side encryption so only you hold the keys, and it never stores your source code. With minimal, typically read-only permissions, you remain fully in control of what repositories and data sources are analyzed. ByteHide’s core tools include Shield for next-generation code obfuscation and anti-tampering, Secrets for AI-powered secret detection and decentralized management, Monitor for real-time runtime threat detection, and Radar for unified SAST/SCA scanning. These tools run in secure, isolated environments and automatically mask sensitive personal data.Starting Price: €39.99 per month -
27
JS-Confuser
JS-Confuser
JS-Confuser is a powerful, open source JavaScript obfuscation tool that transforms your source code into a highly unreadable form, deterring reverse engineering, tampering, and unauthorized reuse while preserving full functionality. It offers multiple obfuscation techniques, including variable renaming, control flow flattening, string concealing, and function obfuscation, along with locks such as domain-based or date-based execution constraints and integrity checks to detect runtime modifications. Designed for flexibility, it provides obfuscation presets, ranging from 10 to 21+ transformation layers, and also allows fully customizable configurations to suit performance and protection needs. The tool operates entirely in the browser for fast, private obfuscation workflows, and includes advanced tooling features such as a playground for interactive experimentation, customizable options via JavaScript, integrated code prettification, and debugging support.Starting Price: Free -
28
Rafter
Rafter
Rafter is a developer-friendly security scanning platform that lets you detect and address vulnerabilities in your GitHub repositories with a single click or command. It integrates seamlessly via a browser-based dashboard, CLI, or REST API to scan JavaScript, TypeScript, and Python code for a range of issues, including exposed API keys, SQL injection, XSS flaws, insecure dependencies, hardcoded credentials, and authentication weaknesses. Results are clearly categorized into “Errors,” “Warnings,” and “Improvements,” each offering detailed explanations, code locations, remediation steps, and formatted prompts ready to paste into AI coding assistants. You can view findings in JSON or Markdown, automate scans within CI/CD pipelines, and pull scan results directly into your workflows. Whether you prefer no-code, low-code, or full-code environments, Rafter adapts flexibly to your setup, making proactive security early in development effortless and scalable.Starting Price: $39 -
29
PortalGuard
BIO-key International
BIO-key PortalGuard IDaaS is a single, flexible cloud-based IAM platform that offers the widest range of options for multi-factor authentication, biometrics, single sign-on, and self-service password reset to support a customer’s security initiatives and deliver an optimized user experience – all at an affordable price point. For over 20 years, industries such as education, including over 200 institutions, healthcare, finance, and government have chosen PortalGuard as their preferred solution.Whether you’re looking for passwordless workflows, support for your Zero Trust architecture, or just implementing MFA for the first time, PortalGuard can easily secure access for both the workforce and customers whether they are remote or on-premises. PortalGuard’s MFA stands out above others as it is the only solution to offer Identity-Bound Biometrics that offer the highest levels of integrity, security, accuracy, availability and are easier to use than traditional authentication methods. -
30
Praetorian Chariot
Praetorian
Chariot is the first all-in-one offensive security platform that comprehensively catalogs Internet-facing assets, contextualizes their value, identifies and validates real compromise paths, tests your detection response program, and generates policy-as-code rules to prevent future exposures from occurring. As a concierge managed service, we operate as an extension of your team to reduce the burden of day-to-day blocking and tackling. Dedicated offensive security experts are assigned to your account to assist you through the full attack lifecycle. We remove the noise by verifying the accuracy and importance of every risk before ever submitting a ticket to your team. Part of our core value is only signaling when it matters and guaranteeing zero false positives. Gain the upper-hand over attackers by partnering Praetorian. We put you back on the offensive by combining security expertise with technology automation to continuously focus and improve your defensive.
