Best IT Security Software for Java - Page 2
View:
Compare the Top IT Security Software that integrates with Java as of December 2025 - Page 2
Sort By:
This a list of IT Security software that integrates with Java. Use the filters on the left to add additional filters for products that have integrations with Java. View the products that work with Java in the table below.
-
1
KloudMate
KloudMate
Squash latencies, detect bottlenecks, and debug errors. Join a rapidly expanding community of businesses from around the world, that are achieving 20X value and ROI by adopting KloudMate, compared to any other observability platform. Quickly monitor crucial metrics, and dependencies, and detect anomalies through alarms and issue tracking. Instantly locate ‘break-points’ in your application development lifecycle, to proactively fix issues. View service maps for every component in your application, and uncover intricate interconnections and dependencies. Trace every request and operation, providing detailed visibility into execution paths and performance metrics. Whether it's multi-cloud, hybrid, or private architecture, access unified Infrastructure monitoring capabilities to monitor metrics and gather insights. Supercharge debugging speed and precision with a complete system view. Identify and resolve issues faster.Starting Price: $60 per month -
2
OpenFGA
The Linux Foundation
OpenFGA is an open source authorization solution that enables developers to implement fine-grained access control using a user-friendly modeling language and APIs. Inspired by Google's Zanzibar paper, it supports various access control models, including Relationship-Based Access Control (ReBAC), Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC). OpenFGA offers SDKs for multiple programming languages, such as Java, .NET, JavaScript, Go, and Python, facilitating seamless integration into diverse applications. The platform is designed for high performance, capable of processing authorization checks in milliseconds, making it suitable for projects ranging from small startups to large enterprises. Operating under the Cloud Native Computing Foundation (CNCF) as a sandbox project, OpenFGA emphasizes transparency and community collaboration, inviting contributions to its development and governance.Starting Price: Free -
3
GitHub Advanced Security
GitHub
With AI-powered remediation, static analysis, secret scanning, and software composition analysis, GitHub Advanced Security helps developers and security teams work together to eliminate security debt and keep new vulnerabilities out of code. Code scanning with Copilot Autofix detects vulnerabilities, provides contextual explanations, and suggests fixes in the pull request and for historical alerts. Solve your backlog of application security debt. Security campaigns target and generate autofixes for up to 1,000 alerts at a time, rapidly reducing the risk of application vulnerabilities and zero-day attacks. Secret scanning with push protection guards over 200 token types and patterns from more than 150 service providers, even elusive secrets like passwords and PII. Powered by security experts and a global community of more than 100 million developers, GitHub Advanced Security provides the insights and automation you need to ship more secure software on schedule.Starting Price: $49 per month per user -
4
personalDNSfilter
Zenz Solutions
personalDNSfilter is a DNS filter proxy written in Java that intercepts domain name resolutions and returns the loopback address for filtered hosts. It supports secure DNS via DNS over HTTPS (DoH) and DNS over TLS (DoT) and is available for Java-enabled devices. The application operates with minimal memory usage, allowing filtering with millions of hosts while consuming only a few megabytes of RAM. On Android devices (version 4.2 and newer), personalDNSfilter functions as an effective ad, malware, and tracking server filter without requiring root access. It works with any upstream DNS server, ensuring that filtering is entirely local without any external communication. The software comes preconfigured with ad host filter lists, and users can add additional host filter lists as desired. personalDNSfilter can be run locally on a device or centrally as a DNS server within a network.Starting Price: Free -
5
Dash0
Dash0
Dash0 is an OpenTelemetry-native observability platform that unifies metrics, logs, traces, and resources into one intuitive interface, enabling fast and context-rich monitoring without vendor lock-in. It centralizes Prometheus and OpenTelemetry metrics, supports powerful filtering of high-cardinality attributes, and provides heatmap drilldowns and detailed trace views to pinpoint errors and bottlenecks in real time. Users benefit from fully customizable dashboards built on Perses, with support for code-based configuration and Grafana import, plus seamless integration with predefined alerts, checks, and PromQL queries. Dash0's AI-enhanced tools, such as Log AI for automated severity inference and pattern extraction, enrich telemetry data without requiring users to even notice that AI is working behind the scenes. These AI capabilities power features like log classification, grouping, inferred severity tagging, and streamlined triage workflows through the SIFT framework.Starting Price: $0.20 per month -
6
Black Duck
Black Duck
Black Duck, part of the Synopsys Software Integrity Group, is a leading provider of application security testing (AST) solutions. Their comprehensive portfolio includes tools for static analysis, software composition analysis (SCA), dynamic analysis, and interactive analysis, enabling organizations to identify and mitigate security vulnerabilities throughout the software development life cycle. By automating the discovery and management of open-source software, Black Duck ensures compliance with security and licensing standards. Their solutions are designed to help organizations build trust in their software by managing application security, quality, and compliance risks at the speed their business demands. Black Duck empowers businesses to innovate securely and deliver software with confidence. -
7
SendSafely
SendSafely
The end-to-end encryption platform for modern business. SendSafely lets you easily exchange encrypted files and information with anyone on any device. Let us take the headache out of secure file exchange. Trusted by leading brands that understand the importance of keeping customer information safe. SendSafely works natively with all major browsers. No software to install, no encryption keys to manage. Use SendSafely for compliance with regulations like HIPAA (BAA available), GDPR, CCPA and more. Use one of our pre-built platform connectors or easily create your own integration with our developer API. Features designed for businesses such as user administration, single sign on and custom branding. SendSafely integrates with many popular third party systems, adding end-to-end encryption to the platforms your users already know and love. Extend the capabilities of your existing apps and infrastructure by seamlessly adding encryption to your existing workflows.Starting Price: $11.50/user/month -
8
Qwiet AI
Qwiet AI
The Fastest Code Analysis, Hands Down. 40X faster scan times so developers never have to wait for results after submitting pull requests. The Most Accurate Results. Qwiet AI has the highest OWASP Benchmark score, which is nearly triple the commercial average and more than double the 2nd highest score. Developer-Centric Security Workflows. 96% of developers report that disconnected security and development workflows inhibit their productivity. Implementing developer-centric AppSec workflows decreases mean-time-to-remediation (MTTR), typically by 5X - enhancing both security and developer productivity. Automatically Find Business Logic Flaws in Dev. Identify vulnerabilities that are unique to your code base before they reach production. Achieve Compliance. Demonstrate and maintain compliance with security and privacy regulations such as SOC 2, PCI-DSS, GDPR, and CCPA.Starting Price: Free -
9
GuardRails
GuardRails
Empowering modern development teams to find, fix and prevent vulnerabilities related to source code, open source libraries, secret management and cloud configuration. Empowering modern development teams to find, fix, and prevent security vulnerabilities in their applications. Continuous security scanning reduces cycle times and speeds up the shipping of features. Our expert system reduces the amount of false alerts and only informs about relevant security issues. Consistent security scanning across the entire product portfolio results in more secure software. GuardRails provides a completely frictionless integration with modern Version Control Systems like Github and GitLab. GuardRails seamlessly selects the right security engines to run based on the languages in a repository. Every single rule is curated to decide whether it has a high security impact issue resulting in less noise. Has built an expert system that detects false positives that is continuously tuned to be more accurate.Starting Price: $35 per user per month -
10
ActiveState
ActiveState
ActiveState delivers Intelligent Remediation for vulnerability management, which enables DevSecOps teams to not only identify vulnerabilities in open source packages, but also to automatically prioritize, remediate, and deploy fixes into production without breaking changes, ensuring that applications are truly secured. Existing tools overwhelm DevSecOps teams with excessive vulnerability data, false positives, and a lack of prioritization, often leading to inaction and increased exposure to exploits. ActiveState’s solution provides your DevSecOps with a comprehensive view of open source vulnerability status across your application portfolio, enabling them to prioritize the vulnerabilities that matter, assess the risk of updates, and choose recommended remediation paths. The ActiveState platform centers on open source languages packaged as runtimes that can be deployed in various form factors. Low-to-no CVE container images are also available for plug-in and play needs. -
11
Phylum
Phylum
Phylum defends applications at the perimeter of the open-source ecosystem and the tools used to build software. Its automated analysis engine scans third-party code as soon as it’s published into the open-source ecosystem to vet software packages, identify risks, inform users and block attacks. Think of Phylum like a firewall for open-source code. Phylum’s database of open-source software supply chain risks is the most comprehensive and scalable offering available, and can be deployed throughout the development lifecycle depending on an organization’s infrastructure and appsec program maturity: in front of artifact repository managers, directly with package managers or in CI/CD pipelines. The Phylum policy library allows users to toggle on the blocking of critical vulnerabilities, attacks like typosquats, obfuscated code and dependency confusion, copyleft licenses, and more. Users can also leverage OPA to create custom policies. -
12
DexProtector
Licel
Instant protection for iOS and Android apps from static and dynamic attacks. A global leader in app and SDK defense with over ten billion installations. DexProtector’s approach to defending your apps is unique. Its Runtime Application Self Protection (RASP) native engine works at a system level deep within the app. From there, it interacts directly with the OS components. This helps it to control key processes and secure the most sensitive parts of your apps and libraries. DexProtector builds layers of protection on top of one another, creating a solid shield around your valuable code and assets. This hardens your apps and prevents real-time attacks. Instant, one-click integration into your CI/CD with no coding required. Protects your apps as well as the communication channel with servers. Provides a secure layer between your app and the operating system. Defends your app against both static and dynamic attacks. -
13
NXLog
NXLog
Achieve complete security observability with powerful insights from your log data. Improve your infrastructure visibility and enhance threat prevention with a versatile multi-platform tool. With support for over 100 operating system versions and more than 120 configurable modules, gain comprehensive insights and increased security. Cut the cost of your SIEM solution by reducing noisy and unnecessary log data. Filter events, truncate unused fields, and remove duplicates to increase the quality of your logs. Collect and aggregate logs from systems across the entire breadth of your organization with a single tool. Reduce complexity in managing security-related events and decrease detection and response times. Empower your organization to meet compliance requirements by centralizing some logs in an SIEM and archiving others in your long-term storage. NXLog Platform is an on-premises solution for centralized log management, with versatile processing. -
14
Casbin
Casbin
Casbin is an open-source authorization library that supports various access control models, including Access Control Lists (ACL), Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC). It is implemented in multiple programming languages such as Golang, Java, C/C++, Node.js, JavaScript, PHP, Laravel, Python, .NET (C#), Delphi, Rust, Ruby, Swift (Objective-C), Lua (OpenResty), Dart (Flutter), and Elixir, providing a consistent API across different platforms. Casbin abstracts access control models into configuration files based on the PERM metamodel, allowing developers to switch or upgrade authorization mechanisms by simply modifying configurations. It offers flexible policy storage options, supporting various databases like MySQL, PostgreSQL, Oracle, MongoDB, Redis, and AWS S3. The library also features a role manager to handle RBAC role hierarchies and supports filtered policy management for efficient enforcement.Starting Price: Free -
15
Pixee
Pixee
Pixee is an AI-powered automated product security engineer that integrates seamlessly into your development workflow, monitoring repositories and pull requests to provide high-quality fixes instantly. It triages scanner alerts from tools like Sonar, Snyk, and Semgrep, delivering code fixes and unlocking the velocity of GenAI-driven development. Pixee operates like a trusted specialist teammate, fitting into your workflow and current tooling without being a distraction, supporting languages such as Java, Python, JavaScript, Node.js, .NET/C#, and Go. It provides expert security context on each finding to filter out false positives, elevate true positives, and recommend actions, freeing your team from endless manual review. Pixee turns findings into actionable pull requests that developers can review and merge, enabling auto-remediation at scale without the grind.Starting Price: $29 per month -
16
SDS E-Business Server
Software Diversified Services
SDS is now distributing, supporting, and actively developing new features for the proven E-Business Server, the authentic OpenPGP encryption tool originally developed by cryptography pioneer Phil Zimmerman. Using OpenPGP encryption technology and versatile APIs, SDS E-Business Server offers strong encryption that integrates with the widest range of applications and platforms, including the mainframe. E-Business Server is designed for companies that require the highest levels of protection for data stored internally, transmitted within the organization, and distributed beyond its firewalls. Today’s data security mandates are complex but critical. Gain compliance with GDPR and other required standards with unbreakable signature creation and reliable authentication. E-Business Server dramatically reduces file sizes, bandwidth consumption, processing time, and disk space to keep resources under control. -
17
bugScout
bugScout
Platform for detecting security vulnerabilities and analyzing code quality of applications. bugScout was born in 2010, with the objective of promoting global application security through audit and DevOps processes. Our purpose is to promote a culture of safe development and thus provide protection for your company’s information, assets and reputation. Designed by ethical hackers and reputable security auditors, bugScout® follows international security rules and standards and is at the forefront of cybercrime techniques to keep our customers’ applications safe and secure. We combine security with quality, offering the lowest false positive rate on the market and the fastest analysis. Lightest platform on the market, 100% integrated with SonarQube. A platform that unites SAST and IAST, promoting the most complete and versatile source code audit on the market for the detection of Application Security Vulnerabilities. -
18
Oxeye
Oxeye
Oxeye is designed to expose vulnerable flows in distributed cloud native application code. We incorporate next-generation SAST, DAST, IAST, and SCA capabilities to ensure verification of risks in both Dev and Runtime environments. Built for developers and AppSec teams, Oxeye helps to shift-left security while accelerating development cycles, reducing friction, and eliminating vulnerabilities. We deliver reliable results with high accuracy. Oxeye analyzes code vulnerabilities across microservices delivering contextualized risk assessment enriched with infrastructure configuration data. With Oxeye developers can easily track and resolve vulnerabilities. We deliver the vulnerability visibility flow, steps to reproduce, and the exact line of code. Oxeye offers a seamless integration as Daemonset with a single deployment that doesn’t require performing changes in the code. We deliver frictionless security to your cloud-native apps. -
19
Code Intelligence
Code Intelligence
Our platform uses various security techniques, including coverage-guided and feedback-based fuzz testing, to automatically generate millions of test cases that trigger hard-to-find bugs deep within your application. This white-box approach protects against edge cases and speeds up development. Advanced fuzzing engines generate inputs that maximize code coverage. Powerful bug detectors check for errors during code execution. Uncover true vulnerabilities only. Get the input and stack trace as proof, so you can reliably reproduce errors every time. AI white-box testing uses data from all previous test runs to continuously learn the inner-workings of your application, triggering security-critical bugs with increasingly high precision. -
20
Riscure True Code
Riscure
True Code helps development teams efficiently deliver secure code by automating vulnerability identification in the SDLC and DevSecOps process. True Code enables natural collaboration between security evaluators and the development team to discover vulnerabilities as early as possible and resolve issues with better efficiency to make the shift to the left. Leveraging years of experience in connected device security in many industries to prevent hacks that bring down customer trust, cause revenue loss and costly mitigations after the product release. Up until now the process of software evaluation was a manual task with correspondingly high costs and long lead times. It is also quite common that an evaluation takes place at the end of the development cycle causing higher costs to resolve issues as opposed to when issues would have been found in the development phase. -
21
DashO
PreEmptive
Professional obfuscation and in-app protection for over 20 years. We invest in threat and protection research so you don't have to, and we constantly update our protection to stay ahead of the arms race. Protecting your app shouldn't require an army of consultants. You can make your first protected build for Android, Web, or Java in just a few minutes, in whatever build environment you use. Our customers love our support, and consistently give it the highest ratings. Whether you're protecting a mature app that's facing new risks or a new app that you haven't released yet, DashO has you covered. Application development teams face an ever-growing set of security threats as apps become more central to business and attackers grow in sophistication. These days, intellectual property theft is just the beginning, apps are also gateways to trade secret theft, customer/user data theft, and to identifying further attack vectors. -
22
GaraSign
Garantir
There are many excellent enterprise security tools to choose from. Some are managed on-premise, others are consumed as a service, and others still use a hybrid model. The challenge enterprises face is not a lack of tools or solutions, but rather a lack of seamless interconnectivity between these privileged access management tools and a single place to manage and audit them. GaraSign is a platform that allows enterprises to securely and efficiently integrate their security systems in a way that does not disrupt existing business processes. By factoring out what’s common, GaraSign is able to centralize and simplify the management of your enterprise’s most sensitive areas, including privileged access management (PAM), privileged identity management, secure software development, code signing, data security, PKI & HSM solutions, DevSecOps, and more. Enterprise security leaders must attend to data security, privileged access management (PAM), privileged identity management, etc. -
23
TrustLink
AarateK
TrustLink™ is a high-performance biometric identity authentication platform that supports large-scale facial and fingerprint recognition. It is a powerful platform that includes multi-biometric identification technologies and can be used to capture, register, identify, and authenticate fingerprints and faces. It also provides the APIs on the server and client for fast development and deployment into a wide range of applications. TrustLink™ is equipped with Aratek Bione® dynamic optimization algorithm and TrustFace™ face recognition algorithm, it's specialized in the field of large-scale fingerprint and face recognition applications. TrustLink™ is an ideal biometric identity authentication platform for software developers. -
24
SecuPi
SecuPi
SecuPi provides an overarching data-centric security platform, delivering fine-grained access control (ABAC), Database Activity Monitoring (DAM) and de-identification using FPE encryption, physical and dynamic masking and deletion (RTBF). SecuPi offers wide coverage across packaged and home-grown applications, direct access tools, big data, and cloud environments. One data security platform for monitoring, controlling, encrypting, and classifying data across all cloud & on-prem platforms seamlessly with no code changes. Agile and efficient configurable platform to meet current & future regulatory and audit requirements. No source-code changes with fast & cost-efficient implementation. SecuPi’s fine-grain data access controls protect sensitive data so users get access only to data they are entitled to view, and no more. Seamlessly integrate with Starburst/Trino for automated enforcement of data access policies and data protection operations. -
25
TrueZero Tokenization
Spring Labs
TrueZero’s vaultless data privacy API replaces sensitive PII with tokens allowing you to easily reduce the impact of data breaches, share data more freely and securely, and minimize compliance overhead. Our tokenization solutions are leveraged by leading financial institutions. Wherever PII is stored, and however it is used, TrueZero Tokenization replaces and protects your data. More securely authenticate users, validate their information, and enrich their profiles without ever revealing sensitive data (e.g. SSN) to partners, other internal teams, or third-party services. TrueZero minimizes your in-scope environments, speeding up your time to comply by months and saving you potentially millions in build/partner costs. Data breaches cost $164 per breached record, tokenize PII & protect your business from data loss penalties and loss of brand reputation. Store tokens and run analytics in the same way you would with raw data. -
26
Syhunt Hybrid
Syhunt
Syhunt dynamically injects data in web applications and analyzes the application response to determine if the application code is vulnerable, automating the web application security testing and proactively guarding your organization's Web infrastructure against several kinds of web application security threats. Syhunt Hybrid follows simple GUI standards, prioritizing ease of use and automation and thus requiring minimal to no user intervention before or during scans despite a large number of customization options. Compare past scan sessions to determine new, unchanged or removed vulnerabilities. Generate a comparison report that displays the evolution of vulnerabilities over time by automatically comparing previous scan session data related to a specific target. -
27
BlueFlag Security
BlueFlag Security
BlueFlag Security provides multi-layer defense, protecting developer identities and their tools throughout the software development lifecycle (SDLC). Don't let uncontrolled developer and machine identities become the Achilles' heel of your software supply chain. Weaknesses in these identities create a backdoor for attackers. BlueFlag seamlessly integrates identity security across the SDLC safeguarding your code, tools, and infrastructure. BlueFlag automates the rightsizing of permissions for developer and machine identities, enforcing the principle of least privilege throughout the dev environment. BlueFlag enforces strong identity hygiene by deactivating off-boarded users, managing personal access tokens, and restricting direct access to developer tools and repositories. BlueFlag's ensures early detection and prevention of insider threats and unauthorized privileged escalation by continuously monitoring behavior patterns across the CI/CD. -
28
AppSec Labs
AppSec Labs
AppSec Labs is a dedicated application security organization, positioned in the top 10 application security companies worldwide. Our mission is to share our hands-on experience, by providing cutting-edge penetration tests, training/academy & consulting. Full cycle application security consulting services, from design to production. Penetration testing and security assessment services for web, desktop, and mobile applications. High-end, hands-on, training in secure coding and penetration testing on a variety of platforms. We work with a multitude of clients from different industry vectors. In addition to our high-profile customers, we work with small companies and young start-ups. Working with a diverse range of companies from the fields of technology, finance, commerce, HLS, and many more, enables us to allocate the best-suited, experienced, and most naturally-inclined team member to each client, guaranteeing the highest level of service. -
29
AirMDR
AirMDR
AI-powered virtual analysts automate 80-90% of routine tasks, delivering faster, higher-quality, and more affordable alert triage, investigation, and response, all supported by human experts. Say no to expensive, slow, poor quality, and inconsistent investigations. Say hello to precision investigations at blazing-fast speed. Traditional MDRs rely on human analysts for case triage, but at AirMDR, our intelligent virtual analyst processes these cases 20 times faster with greater consistency and depth. At AirMDR, human analysts have to manually triage over 90% fewer cases. Experience high-quality investigation, triage, and response for every alert, with 90% of alerts investigated in under five minutes. Every alert is automatically enriched, investigated, and triaged by our virtual analyst, serving as the first responder. This process is continuously supervised and enhanced by our team of human security experts, ensuring a seamless and efficient security operation. -
30
Rainforest
Rainforest
Achieve higher cyber security protection with the Rainforest platform. Trust Rainforest to safeguard your innovations and provide you with the confidence to navigate the digital world securely, with quick implementation, and faster results. Traditional solutions are too complex to implement for companies that don't waste time and money. Frictionless integration, so you can use your time more fixing than implementing our solutions. Our trained models use AI to suggest fixes, empowering your team to resolve issues easily. 7 different application analyses with comprehensive application security, local code analysis, and AI-driven fix suggestions, ensure seamless integration, rapid vulnerability detection, and effective remediation for robust application protection. Continuous cloud security posture management, identifying misconfigurations and vulnerabilities in real-time enhancing cloud security effortlessly.
