Alternatives to Rocket Open AppDev for Z
Compare Rocket Open AppDev for Z alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to Rocket Open AppDev for Z in 2026. Compare features, ratings, user reviews, pricing, and more from Rocket Open AppDev for Z competitors and alternatives in order to make an informed decision for your business.
-
1
Rocket.Chat
Rocket.Chat
Rocket.Chat is a fully customizable, open-source communications platform for organizations with high standards of data protection. It enables real-time conversations between colleagues, with other companies, or with your customers, regardless of how they want to connect with you. Compared to similar players in the industry, such as Slack and Microsoft Teams, Rocket.Chat offers an on-prem deployment that enables organizations to take full ownership of their data. Rocket. Chat's open-source nature makes it more flexible to meet specific company needs and more scalable to follow your organization's growth. It also holds the only true MIT open-source license. We have over 1000 developers across the world contributing to the open-source code. Every day, tens of millions of users in over 150 countries and in organizations such as Audi Business Innovation, Deutsche Bahn, The US Navy, and Credit Suisse trust Rocket.Chat to keep their communications completely private and secure.Starting Price: $3/user/month -
2
Open LMS
Learning Technologies Group
Open LMS leverages open-source software to deliver an effective and engaging learning experience. As the largest commercial provider of hosting and support services for the open-source Moodle™ learning platform, we help global organizations and institutions deliver great learning experiences without complexities. One of the ways Open LMS supports learning is via our commitment to open-source learning technology. The ability to deliver educational materials on a customized, branded platform is highly appealing to companies looking to teach or train students, employees, volunteers, or customers. This opens up a flexible opportunity for your organization to adapt your open-source LMS without vendor and commitment pressure. Previously a Blackboard product, Open LMS was acquired by Learning Technologies Group plc (LTG) in March 2020. -
3
Mistral AI
Mistral AI
Mistral AI is a pioneering artificial intelligence startup specializing in open-source generative AI. The company offers a range of customizable, enterprise-grade AI solutions deployable across various platforms, including on-premises, cloud, edge, and devices. Flagship products include "Le Chat," a multilingual AI assistant designed to enhance productivity in both personal and professional contexts, and "La Plateforme," a developer platform that enables the creation and deployment of AI-powered applications. Committed to transparency and innovation, Mistral AI positions itself as a leading independent AI lab, contributing significantly to open-source AI and policy development.Starting Price: Free -
4
Matomo
Matomo
Matomo is the leading open-source web analytics platform, used on over 1.4 million websites in over 190 countries and translated into over 50 languages. Matomo values privacy protection, 100% data ownership and no data sampling. It has two different hosting options – cloud and on-premise. Cloud takes the hassle out of installation, whereas On-Premise is the free, open-source and self-hosted PHP/MySQL software you can install on your own server, which gives you maximum flexibility. This premium web analytics and conversion optimisation tool is designed to give you the most conclusive insights with a complete range of features such as heatmaps, sessions recordings, goals, form analytics, visitor profiles, ecommerce and funnels.Starting Price: $23 per month -
5
Conda
Conda
Package, dependency, and environment management for any language, Python, R, Ruby, Lua, Scala, Java, JavaScript, C/ C++, Fortran, and more. Conda is an open-source package management system and environment management system that runs on Windows, macOS, Linux, and z/OS. Conda quickly installs, runs, and updates packages and their dependencies. Conda easily creates, saves, loads, and switches between environments on your local computer. It was created for Python programs, but it can package and distribute software for any language. Conda as a package manager helps you find and install packages. If you need a package that requires a different version of Python, you do not need to switch to a different environment manager, because conda is also an environment manager. With just a few commands, you can set up a totally separate environment to run that different version of Python, while continuing to run your usual version of Python in your normal environment.Starting Price: Free -
6
Hopsworks
Logical Clocks
Hopsworks is an open-source Enterprise platform for the development and operation of Machine Learning (ML) pipelines at scale, based around the industry’s first Feature Store for ML. You can easily progress from data exploration and model development in Python using Jupyter notebooks and conda to running production quality end-to-end ML pipelines, without having to learn how to manage a Kubernetes cluster. Hopsworks can ingest data from the datasources you use. Whether they are in the cloud, on‑premise, IoT networks, or from your Industry 4.0-solution. Deploy on‑premises on your own hardware or at your preferred cloud provider. Hopsworks will provide the same user experience in the cloud or in the most secure of air‑gapped deployments. Learn how to set up customized alerts in Hopsworks for different events that are triggered as part of the ingestion pipeline.Starting Price: $1 per month -
7
MacPorts
MacPorts
The MacPorts Project is an open-source community initiative to design an easy-to-use system for compiling, installing, and upgrading either command-line, X11, or Aqua-based open-source software on the Mac operating system. To that end, we provide the command-line driven MacPorts software package under a 3-Clause BSD License, and through it easy access to thousands of ports that greatly simplify the task of compiling and installing open-source software on your Mac. We provide a single software tree that attempts to track the latest release of every software title (port) we distribute, without splitting them into “stable” vs. “unstable” branches, targeting mainly macOS Mojave v10.14 and later (including macOS Monterey v12 on both Intel and Apple Silicon). There are thousands of ports in our tree, distributed among different categories, and more are being added on a regular basis.Starting Price: Free -
8
Sonatype Auditor
Sonatype
Sonatype Auditor is a powerful software tool designed to automate and streamline open-source security and compliance management. It enables organizations to generate a Software Bill of Materials (SBOM) and identify any open-source components in third-party or legacy applications. Auditor scans for security risks, such as vulnerabilities or restricted licenses, and provides real-time alerts for continuous monitoring. With its remediation guidance, users can easily address identified issues and improve their security posture. This tool is ideal for businesses looking to manage open-source components, ensure compliance, and reduce risk across their software environments. -
9
Sonatype Vulnerability Scanner
Sonatype
Sonatype’s Vulnerability Scanner is a tool designed to help developers identify security risks and compliance issues in their open-source components. It provides users with a comprehensive Software Bill of Materials (SBOM), which lists all open-source dependencies and highlights vulnerabilities and license risks. The platform offers real-time scanning and actionable insights, allowing teams to assess the severity of risks and implement fixes swiftly. With automated scans and detailed reports, Sonatype’s Vulnerability Scanner helps organizations secure their applications, manage third-party dependencies, and maintain compliance across their software environments. -
10
Bytesafe
Bitfront
Increase your open source security posture with automated best practices, with a unified workflow for security and developer teams. The cloud-native security platform reduces risk and protects revenue, without slowing down developers. The dependency firewall quarantines malicious open source before reaching developers and infrastructure, protecting data, assets, and company reputation. Our policy engine evaluates threat signals such as known vulnerabilities, license information, and customer-defined rules. Having insight into what open-source components are used in applications is crucial to avoid exploitable vulnerabilities. Software Composition Analysis (SCA) and dashboard reporting give stakeholders a holistic overview with immediate insights into the current situation. Discover when new open-source licenses are introduced in the codebase. Automatically track license compliance issues and restrict problematic or unlicensed packages.Starting Price: €1100 per month -
11
Thoa
Thoa.io
Thoa is a cloud bioinformatics platform that solves the six most expensive problems researchers face daily: environment and dependency conflicts, pipeline management, reproducibility, scaling compute, collaboration, and data sharing. Run Nextflow and Snakemake workflows on managed cloud infrastructure (up to 12TB RAM) with zero DevOps setup. Thoa's AI-assisted debugger resolves environment issues in real time, so pipelines don't crash hours into execution. Every run automatically captures its full execution context: data, software versions, environment, and machine config. Share complete analyses with collaborators in one click. Recipients can view and re-run results without creating an account or mirroring infrastructure. Supports Docker, Conda, Singularity, Python, and R.Starting Price: $35/user/month -
12
garak
garak
garak checks if an LLM can be made to fail in a way we don't want. garak probes for hallucination, data leakage, prompt injection, misinformation, toxicity generation, jailbreaks, and many other weaknesses. garak's a free tool, we love developing it and are always interested in adding functionality to support applications. garak is a command-line tool, it's developed in Linux and OSX. Just grab it from PyPI and you should be good to go. The standard pip version of garak is updated periodically. garak has its own dependencies, you can to install garak in its own Conda environment. garak needs to know what model to scan, and by default, it'll try all the probes it knows on that model, using the vulnerability detectors recommended by each probe. For each probe loaded, garak will print a progress bar as it generates. Once the generation is complete, a row evaluating that probe's results on each detector is given.Starting Price: Free -
13
Rocket Enterprise Suite
Rocket Software
Rocket® Enterprise Suite is an application modernization solution designed to reduce the risk of mainframe modernization by allowing organizations to migrate mainframe applications in their existing code. This minimizes failure risk and delivers faster project timelines. It supports both COBOL and PL/I workloads and can be deployed on-premises, in the cloud, or in hybrid environments, providing flexibility for diverse IT infrastructures. The suite includes tools for analyzing, securing, accessing, developing, testing, deploying, and migrating mainframe applications. It uses an AI-powered natural language assistant to simplify code analysis, making it easier for teams to understand and document complex mainframe applications and improve DevOps practices Backed by 40 years of experience and thousands of successful mainframe modernization projects, Rocket Enterprise Suite is built to deliver modern application development with lower project risk and increased development speed. -
14
Sonatype Intelligence
Sonatype
Sonatype Intelligence provides a powerful platform for managing open-source security risks with advanced tools for vulnerability identification and remediation. It uses cutting-edge technology like Advanced Binary Fingerprinting (ABF) to scan deployed applications for embedded third-party components, minimizing false positives. Sonatype Intelligence goes beyond public data sources, continuously monitoring GitHub commits, advisory sites, and vulnerability databases to offer real-time insights into emerging threats. With expert-curated guidance for developers, it helps teams quickly identify and fix vulnerabilities, ensuring the security of their open-source components and enhancing their software supply chain security. -
15
Krayin CRM
Webkul
Krayin CRM is a hand-tailored CRM framework built on some of the hottest open-source technologies such as Laravel (a PHP framework) and Vue.js a progressive Javascript framework. Free & Opensource Laravel CRM solution for SMEs and Enterprises for complete customer lifecycle management. We also have a forum for any type of concerns, feature requests, or discussions. Please visit: Krayin CRM Forums. Features: 1) Descriptive and Simple Admin Panel 2) Built on Modular Approach 3) Email parsing via Sendgrid 4) Krayin CRM is a truly open source CRM framework which will always be free under the MIT License 5) Documentation available 6) Admin Dashboard 7) Create leads through various sources/channels like email marketing, website and social media etc 8) Build an actionable roadmap for amazing custom experience 9) Perform action that will bring status processing into motionStarting Price: $0 -
16
Sonatype Repository Firewall
Sonatype
Sonatype Repository Firewall is a security solution that provides proactive protection for your software supply chain by intercepting malicious open-source components before they enter your development process. Utilizing AI-powered behavioral analysis, it detects and prevents known and unknown vulnerabilities across dependencies. The platform offers real-time policy enforcement, allowing users to set customizable policies based on risk levels, such as the age or popularity of open-source components. With automated vulnerability prevention, Sonatype Repository Firewall helps businesses maintain compliance, enhance security, and reduce risk, while boosting developer productivity by avoiding unnecessary disruptions. -
17
VerifyWise
VerifyWise
VerifyWise is an open-source AI governance platform that helps organizations document, assess, and manage their AI systems in a transparent and structured way. Built to support compliance with frameworks like ISO/IEC 42001, NIST AI RMF, and the EU AI Act, it offers a centralized registry where teams can log every AI system, along with its purpose, model type, deployment details, and risk classification. Whether it’s a large language model, a computer vision system, or a rules-based tool, VerifyWise helps you keep track of everything in one place. The platform’s open-source nature means it’s fully self-hostable and adaptable. Organizations can audit the code, contribute improvements, and extend functionality to meet specific needs. Security is built-in, with automated checks for credential leaks, license issues, and dependency vulnerabilities. It supports external contributions while maintaining high code quality standards, making it ideal for both public and private sector use.Starting Price: $129/month -
18
CodeSentry
CodeSecure
CodeSentry is a Binary Composition Analysis (BCA) tool designed to provide detailed insights into the components of binaries, including open-source software, firmware, and containers. It helps identify vulnerabilities within these components by generating Software Bill of Materials (SBOMs) in formats like SPDX and CycloneDX. By mapping components to a comprehensive vulnerability database, CodeSentry enables organizations to mitigate risks and improve software security. It is effective for both pre-production analysis and post-production monitoring, allowing teams to track vulnerabilities throughout the software lifecycle. The tool is flexible in deployment, supporting SaaS and on-premise configurations. -
19
NeuralTrust
NeuralTrust
NeuralTrust is the leading platform for securing and scaling LLM applications and agents. It provides the fastest open-source AI gateway in the market for zero-trust security and seamless tool connectivity, along with automated red teaming to detect vulnerabilities and hallucinations before they become a risk. Key Features: - TrustGate: The fastest open-source AI gateway, enabling enterprises to scale LLMs and agents with zero-trust security, advanced traffic management, and seamless app integration. - TrustTest: A comprehensive adversarial and functional testing framework that detects vulnerabilities, jailbreaks, and hallucinations, ensuring LLM security and reliability. - TrustLens: A real-time AI observability and monitoring tool that provides deep insights and analytics into LLM behavior.Starting Price: $0 -
20
AppScan
HCLSoftware
HCL AppScan is a suite of application security testing platforms, technologies, and services that help organizations detect and remediate vulnerabilities throughout the software development lifecycle (SDLC). Powerful static, dynamic, interactive, and open-source scanning engines (DAST, SAST, IAST, SCA, API) quickly and accurately test code, web applications, APIs, mobile applications, containers, and open-source components with the help of AI and machine learning capabilities. Centralized dashboards provide visibility, oversight, compliance policies, and reporting. HCL AppScan’s scanning engines are maintained by expert security researchers and are continuously updated to remain current with recent technologies, vulnerabilities, and attack vectors. With HCL AppScan, organizations can manage their application security posture and reduce risk across their entire software supply chain.Starting Price: $296 -
21
Drupal
Drupal
We're the leading open-source CMS for ambitious digital experiences that reach your audience across multiple channels. Because we all have different needs, Drupal allows you to create a unique space in a world of cookie-cutter solutions. Drupal is the open-source platform of choice for media and publishing. Create engaging multi-channel experiences to connect with your audiences - everywhere. Top-notch security thanks to robust architecture and dedicated security team. Strong community support ensures regular updates and ongoing innovation. API-first with a rich theme ecosystem and integration capacities.Starting Price: Free -
22
ConnectSecure
ConnectSecure
ConnectSecure is an all-in-one SaaS vulnerability and compliance management platform built for managed-service providers to secure client environments, manage risk, and scale security services profitably. It performs continuous vulnerability assessments and asset discovery across networks, servers, endpoints, cloud services, web apps, and external infrastructure; it includes both agent-based or “probe/lightweight” scanning and external attack-surface scanning. It identifies open ports, misconfigurations, out-of-date software, exposed systems, cloud-environment risks, and web-application vulnerabilities, surfacing over 230,000 known CVEs, daily updated from public vulnerability databases. ConnectSecure also automates patching for many applications, offers compliance-management tools aligned with major frameworks (e.g., GDPR, HIPAA, PCI DSS, CIS, NIST, ISO), and delivers continuous monitoring of cloud, on-premises, and hybrid environments. -
23
pywinauto
pywinauto
pywinauto is a set of python modules to automate the Microsoft Windows GUI. At its simplest it allows you to send mouse and keyboard actions to Windows dialogs and controls. pywinauto can be installed with pip and conda. Python is a great programming language, but there are no automation tools that were Pythonic (very few libraries were implemented in Python). The very first necessary thing is to determine which accessibility technology (pywinauto’s backend) could be used for your application. First, you should start your application or connect to an existing app instance. It can be done with an application object. It’s a core concept for the high-level pywinauto API. You are able to describe any window or control approximately or in more detail even if it doesn’t exist yet or is already closed. Window specification also keeps the information about the matching/search algorithms that will be used to get a real window or control.Starting Price: Free -
24
Intellicta
TechDemocracy
Intellicta, TechDemocracy’s brain child, is the first of its kind to deliver a holistic assessment of an entity’s cybersecurity, compliance, risk and governance. It is a singular product capable of predicting potential financial liabilities caused by threats posed by vulnerabilities in cyberspace. Intellicta empowers senior, non-technical business decision-makers to understand, evaluate and measure the effectiveness of their existing cybersecurity, governance, risk, and compliance programs. The platform can be customized to meet every company's unique business requirement. It leverages quantifiable metrics based on established models from ISM3, NIST, and ISO, among others to provide solutions. Intellicta boasts of open-source architecture that aggregates and analyzes every facet of an enterprise’s unique ecosystem, so that it can be integrated and monitored continuously. It can extract critical data from cloud-based, on-premises and third-party systems. -
25
Clair
Clair
Clair is an open-source project for the static analysis of vulnerabilities in application containers (currently including OCI and docker). Clients use the Clair API to index their container images and can then match it against known vulnerabilities. Our goal is to enable a more transparent view of the security of the container-based infrastructure. Thus, the project was named Clair after the French term which translates to clear, bright, and transparent. Manifests are Clair's representation of a container image. Clair leverages the fact that OCI Manifests and Layers are content-addressed to reduce duplicated work. -
26
OpenSCAP
OpenSCAP
The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselines. We maintain great flexibility and interoperability, reducing the costs of performing security audits. The OpenSCAP project provides a wide variety of hardening guides and configuration baselines developed by the open source community, ensuring that you can choose a security policy which best suits the needs of your organization, regardless of its size. Security Content Automation Protocol (SCAP) is U.S. standard maintained by National Institute of Standards and Technology (NIST). The OpenSCAP project is a collection of open source tools for implementing and enforcing this standard, and has been awarded the SCAP 1.2 certification by NIST in 2014. In the ever-changing world of computer security where new vulnerabilities are being discovered and patched every day, enforcing security compliance must be a continuous process. -
27
Azure HDInsight
Microsoft
Run popular open-source frameworks—including Apache Hadoop, Spark, Hive, Kafka, and more—using Azure HDInsight, a customizable, enterprise-grade service for open-source analytics. Effortlessly process massive amounts of data and get all the benefits of the broad open-source project ecosystem with the global scale of Azure. Easily migrate your big data workloads and processing to the cloud. Open-source projects and clusters are easy to spin up quickly without the need to install hardware or manage infrastructure. Big data clusters reduce costs through autoscaling and pricing tiers that allow you to pay for only what you use. Enterprise-grade security and industry-leading compliance with more than 30 certifications helps protect your data. Optimized components for open-source technologies such as Hadoop and Spark keep you up to date. -
28
The Code Registry
The Code Registry
The Code Registry is an AI-powered code intelligence and analysis platform that gives businesses and non-technical stakeholders full visibility into their software codebase, even if they don’t write code themselves. Upon connecting your code repository (GitHub, GitLab, Bitbucket, Azure DevOps, or uploading a zipped archive), the platform creates a secure “IP Vault” and runs a comprehensive automated analysis across your entire codebase. It produces a range of reports and dashboards, including a code-complexity score (revealing how intricate or maintainable your code is), open-source component analysis (detecting dependencies, license status, outdated or vulnerable libraries), security analysis (identifying potential vulnerabilities, insecure configurations or risky dependencies), and a “cost-to-replicate” valuation, estimating how much effort or resources it would take to rebuild or replace the software from scratch.Starting Price: $2 per month -
29
Masto.host
Masto.host
Masto.host makes running a Mastodon server really easy. For only $6/month, you can have your own Mastodon server. It's a microblogging social network that brings the control back to your hands. Each Mastodon instance is independent, and anyone is free to run their own. Mastodon is free, and its code is open-source. Masto.host provides you with a hosting platform optimized to run Mastodon. Mastodon comes pre-installed on all Masto.host hosting plans. Servers are kept updated and run the latest stable release of Mastodon. Currently, Masto.host is in open beta. Meaning that it is still in development. Please read the terms of service to know more. The data centers used for Masto.host are from OVH and are located in France. The TLS (HTTPS) included is provided by Let's Encrypt. Each Private VLAN can only communicate with the closest VLAN (in the graph) and under a specific number of ports. The SMTP used to send notification emails is externally provided by MailGun.Starting Price: $6 per month -
30
Vulert
Vulert
🛡️ Vulert - Real-time Open-Source Vulnerability Monitoring & Alerts! 🛡️ Why Vulert? 🤔 🔒 Privacy: No code sharing or installations required! Just upload your package manifest (e.g., package-lock.json) to get started. 🛡️ Security: Stay one step ahead of hackers! Receive real-time alerts before malicious activities occur, ensuring your website remains safeguarded and customer-ready. 💰 Save: Why hire security staff to track dependencies when we've got you covered for FREE! Vulert's basic version is Free Forever! 🆓 🌐 For Open Source Organizations: Enjoy 100% FREE access to our powerful features! 🇬🇧 Made in the UK with love! ❤️ Discover Vulert today and fortify your software against vulnerabilities, effortlessly! 💪Starting Price: $20/month -
31
Rocket Workload Automation
Rocket Software
Rocket Workload Automation and DevOps Orchestration is a unified platform that enables organizations to design, visualize, orchestrate, and automate business workflows and workload execution across distributed, hybrid, and mainframe environments from a centralized console, helping teams simplify complexity, reduce manual intervention, mitigate operational risk, and improve delivery velocity. It supports cross-platform automation that spans on-premises, cloud, and mainframe systems, giving operators and developers a single place to manage task dependencies, job schedules, and end-to-end process flows while maintaining consistency and reliability across heterogeneous IT landscapes. It includes components such as Rocket Enterprise Orchestrator for scheduling and managing complex development and operations workflows; Rocket Zena for streamlining enterprise workload automation with full visibility into operational processes. -
32
Sonatype Lifecycle
Sonatype
Sonatype Lifecycle is a leading software composition analysis (SCA) platform designed to secure applications by automating dependency management and vulnerability monitoring. It provides real-time alerts and in-depth analytics to help developers identify and fix security risks across the software development lifecycle (SDLC). With features like automated patching, customizable policies, and SBOM (Software Bill of Materials) management, Sonatype helps businesses integrate secure open-source components without compromising speed. The platform enhances DevOps workflows by offering insights into dependencies, minimizing risks, and ensuring compliance, all while speeding up development. -
33
OGRE
OGRE
Since 2001, OGRE has grown to become one of the most popular open-source graphics rendering engines, and has been used in a large number of production projects, in such diverse areas as games, simulators, educational software, interactive art, scientific visualisation, and others. OGRE supports Windows (all major versions), Linux, OSX, Android, iOS, Javascript (via EMScripten), Windows Phone (Sponsored by Microsoft) and WinRT. Also, OGRE was ported to PS3 and Xbox360 for several titles. Ogre is released under the MIT License, which is a permissive open source license. The only condition is that you distribute the license text included in our distribution with any software that uses OGRE. Learn OGRE using our series of introducatary Tutorials. Of course the OGRE team provides official documentation in form of the OGRE Manual and API documentation. -
34
Amazon EMR
Amazon
Amazon EMR is the industry-leading cloud big data platform for processing vast amounts of data using open-source tools such as Apache Spark, Apache Hive, Apache HBase, Apache Flink, Apache Hudi, and Presto. With EMR you can run Petabyte-scale analysis at less than half of the cost of traditional on-premises solutions and over 3x faster than standard Apache Spark. For short-running jobs, you can spin up and spin down clusters and pay per second for the instances used. For long-running workloads, you can create highly available clusters that automatically scale to meet demand. If you have existing on-premises deployments of open-source tools such as Apache Spark and Apache Hive, you can also run EMR clusters on AWS Outposts. Analyze data using open-source ML frameworks such as Apache Spark MLlib, TensorFlow, and Apache MXNet. Connect to Amazon SageMaker Studio for large-scale model training, analysis, and reporting. -
35
ClusterControl
Severalnines
ClusterControl is a hybrid, multi-cloud database ops orchestration platform for MongoDB, Elasticsearch, Redis, TimescaleDB, SQL Server on Linux, Galera Cluster, PostgreSQL, and MySQL in on-premises, cloud, and hybrid environments. It handles full-lifecycle operations, from deployment to failover, backup and more. With its full suite of databases, ops features and ability to be deployed in any environment, it enables organizations to implement the Sovereign DBaaS concept. ClusterControl is perfect for organizations that need to reliably run large-scale, open-source database operations but don't want to be limited by traditional DBaaS providers in environment choice, open-source license stability, and DB access.Starting Price: €250/node/month -
36
Kubescape
Armo
A Kubernetes open-source platform providing developers and DevOps an end-to-end security solution, including risk analysis, security compliance, RBAC visualizer, and image vulnerabilities scanning. Kubescape scans K8s clusters, Kubernetes manifest files (YAML files, and HELM charts), code repositories, container registries and images, detecting misconfigurations according to multiple frameworks (such as the NSA-CISA, MITRE ATT&CK®), finding software vulnerabilities, and showing RBAC (role-based-access-control) violations at early stages of the CI/CD pipeline. It calculates risk scores instantly and shows risk trends over time. Kubescape has became one of the fastest-growing Kubernetes security compliance tools among developers due to its easy-to-use CLI interface, flexible output formats, and automated scanning capabilities, saving Kubernetes users and admins precious time, effort, and resources.Starting Price: $0/month -
37
Arnica
Arnica
Put your software supply chain security on autopilot. Actively mitigate anomalies & risks in your development ecosystem, protect developers, and trust their code commits. Automate developer access management. Behavior-based developer access management with self-service provisioning in Slack or Teams. Continuously monitor and mitigate anomalous developer behavior. Identify hardcoded secrets. Validate and mitigate before they land in production. Go beyond SBOM and get visibility into all open-source licenses, infrastructure, vulnerabilities, and OpenSSF scorecards across your organization in minutes. Arnica is a behavior-based software supply chain security platform for DevOps. Arnica proactively protects your software supply chain by automating the day-to-day security operations and empowering developers to own security without incurring risks or compromising velocity. Arnica enables you to automate constant progress toward the least-privilege for developer permissions.Starting Price: Free -
38
OroCRM
OroCRM
Regardless if you’re a single or multi-channel business focused on B2B, B2C, or both, our open-source CRM software offers the flexibility to address any business workflow or requirement. Our open-source CRM comes out of the box with rich features for optimizing conversions, growing sales, and improving customer satisfaction. Track which Leads convert into Opportunities and which Opportunities close into Customers. It’s time to understand your customer journey and provide a superior customer experience. Watch our video and learn more about our open-source CRM software. Leverage customer data, build relationships and increase sales all on our flexible platform. Monitor and analyze every step of the customer journey. Manage qualified and unqualified leads, track open and closed opportunities, and analyze customer wins and losses for accurate forecasting into your company’s sales pipeline. -
39
ccminer
ccminer
ccminer is an open-source project for CUDA compatible GPUs (nVidia). The project is compatible with both Linux and Windows platforms. This site is intended to share cryptocurrencies mining tools you can trust. Available open-source binaries will be compiled and signed by us. Most of these projects are open-source but could require technical abilities to be compiled correctly. -
40
QuantRocket
QuantRocket
QuantRocket is a Python-based platform for researching, backtesting, and trading quantitative strategies. It provides a JupyterLab environment, offers a suite of data integrations, and supports multiple backtesters: Zipline, the open-source backtester that originally powered Quantopian; Alphalens, an alpha factor analysis library; Moonshot, a vectorized backtester based on pandas; and MoonshotML, a walk-forward machine learning backtester. Built on Docker, QuantRocket can be deployed locally or to the cloud and has an open architecture that is flexible and extensible. -
41
Manticore Search
Manticore Search
Manticore Search is an open-source database that was created in 2017 as a continuation of the Sphinx Search engine. We took all the best from it, significantly improved its functionality, fixed hundreds of bugs, rewrote the code almost completely, and kept it open-source! That all has made Manticore Search a modern, fast, light-weight, and full-featured database with outstanding full-text search capabilities. We believe that nowadays any technology vendor’s key priority should be to make it as easy to use as possible. We don’t want our users, be it a developer or DevOps to become experts in databases or search engines or have a Ph.D. to be able to use Manticore products. We assume you have other things to do rather than spending hours trying to understand how this or that setting affects this or that functionality. Hence, Manticore Search should work fine in most cases even on defaults.Starting Price: Free -
42
Rocket z/Assure VAP
Rocket Software
Rocket z/Assure Vulnerability Analysis Program (VAP) is a specialized mainframe security solution that scans and analyzes vulnerabilities in IBM z/OS operating system code to help organizations identify, assess, track, and mitigate security risks that could expose critical data. Unlike traditional vulnerability tools that focus on application layers, z/Assure VAP conducts thorough and precise binary code scanning at the OS level to detect zero-day and integrity-based vulnerabilities without relying on signature files, using an Interactive Application Security Testing (IAST)-style approach to pinpoint real weaknesses and guide developers to the exact code requiring remediation. It generates detailed vulnerability disclosure reports that provide actionable insights and clear paths to fix issues, enabling teams to prioritize risk, strengthen defenses, and make mainframe vulnerability management a repeatable part of IT security and compliance programs. -
43
ispCP
ispCP
ispCP (Internet Service Provider Control Panel) is an open-source project founded to build a multi-server control and administration panel. The ispCP Omega release is completely based on the original open-source VHCS project. All new code, and submissions to ispCP Omega are licensed under the GNU General Public License (V2). Rather than start a project from scratch, the team searched for existing open-source implementations and decided to fork the dying virtual hosting control panel (VHCS) project. This community effort to continue on the work of VHCS lead to the creation of ispCP Omega. The ispCP Omega release is completely based on the original open-source VHCS project. Because part of the ispCP dev team were core members of the dead VHCS project, Malte (ephigenie) and Benedikt (RatS) felt an obligation to offer the desperate community a way to migrate to ispCP. This led to the creation of ispCP Omega, a migration path from VHCS to ispCP. -
44
Toad Edge
Quest
If yours is one of the majority of organizations migrating your existing commercial database to open sources, such as MySQL or PostgreSQL, or if you’re building new in-house applications on open-source database management systems (OSDBMS), then you know that commercial tooling for these databases falls short. What if you could save money by implementing OSDBMS and ramp up quickly by working with a familiar toolset? You can with Toad Edge®. It’s a lightweight, reliable desktop toolset that simplifies development and management tasks for open-source databases. Using Toad for MySQL and PostgreSQL management makes it easier to master new database platforms quickly. If you’re taking on MariaDB, Amazon Redshift, or EDB Postgres Advanced Server, Toad Edge will simplify your work on those platforms as well. Toad Edge supports coding, editing, schema compare and sync, and DevOps CI processes, so you can manage your open-source databases easily and confidently. -
45
Magma
Meta Platforms
Communications service providers leverage Magma's open network core solution to connect people using LTE, 5G, Wi-Fi, and beyond. A cost-effective, open, flexible, and commercial-grade EPC. Meta Connectivity is a development contributor to Magma, an Evolved Packet Core (EPC) that enables Communication Service Providers (CSPs) to deliver fast, reliable internet connectivity with innovative features that only a robust open-source community of developers can bring. Magma is an open-source software platform enabling operators to easily deploy mobile networks in hard-to-reach areas at a price point that makes sense. When working with qualified partners to deploy and operate Magma, CSPs can rest assured that their most stringent requirements are met. Magma is vendor, hardware, and network agnostic. CSPs can use what makes sense for them from radio access network (RAN) equipment to commodity hardware to licensed or un-licensed spectrum. -
46
LineageOS
Lineage
LineageOS extends the functionality and lifespan of mobile devices from more than 20 different manufacturers thanks to our open-source community of contributors from all around the world. Your data, your rules. With powerful tools such as Privacy Guard, you are in control of what your apps can do whenever you want. We take security very seriously, that’s why we deliver security updates every month to all our supported devices. And to make your device more secure, lock everything behind an enhanced lock screen. Our open-source apps are here to help you get through the day. Android developers will turn any device into the perfect device for apps development thanks to enhanced tools and exclusive APIs. LineageOS, an open-source Android distribution, is available for several devices, with more being continuously added thanks to the biggest, yet ever growing, Android open-source community. -
47
Cavirin
Cavirin Systems
In today’s world, where a data breach seems like a daily event, employing effective cybersecurity is critical. While cloud-based systems offer rapid development and instant scalability, the risk of unintentionally growing the attack surface on those systems increases significantly. The key to managing your cloud security starts with identifying vulnerabilities and continues with rapid remediation. A critical first step to securing your cloud is to ensure proper configurations and standards compliance of your critical infrastructure and access management services. Terraform is an open-source infrastructure as a code software tool that provides a consistent CLI workflow to manage hundreds of cloud services. Terraform codifies cloud APIs into declarative configuration files. -
48
Nmap
Nmap
The Nmap project tries to defy the stereotype of some open source software being poorly documented by providing a comprehensive set of documentation for installing and using Nmap. This page links to official Insecure.Org documentation and generous contributions from other parties. Nmap Network Scanning is the official guide to the Nmap Security Scanner, a free and open-source utility used by millions of people for network discovery, administration, and security auditing. From explaining port scanning basics for novices to detailing low-level packet crafting methods used by advanced hackers, this book suits all levels of security and networking professionals. A 42-page reference guide documents every Nmap feature and option, while the rest of the book demonstrates how to apply those features to quickly solve real-world tasks. Examples and diagrams show actual communication on the wire. -
49
Incisive Software
Incisive Software
In today’s business landscape, managing spreadsheet risk and navigating the proliferation of low-code/no-code platforms and open-source tools is critical. However, while these resources offer immense business value, each instance presents potential risks such as inaccuracies, outdated data, and compatibility issues with your core production systems. If your IT team is unaware of the extent of low-code/no-code deployments and open-source software being used within your organization, it can put your business at risk. With Incisive Analytics Essentials, you gain the knowledge and power to identify, manage, and mitigate these risks. Navigate the chaos of the "unknown unknowns" and gain up-to-date knowledge about-and management of-critical analytics assets such as spreadsheets, low-code/no-code and open-source applications. Ensure accurate, consistent and secure analysis of critical spreadsheets, low-code/no-code and open-source applications. -
50
µGUI
µGUI
µGUI is a free and open-source graphic library for embedded systems. It is platform-independent and can be easily ported to almost any microcontroller system. As long as the display is capable of showing graphics, µGUI is not restricted to a certain display technology. Therefore, display technologies such as LCD, TFT, E-Paper, LED or OLED are supported. μGUI is platform-independent, so there is no need to use a certain embedded system. In order to use μGUI, only two requirements are necessary.Starting Price: Free
