Alternatives to ZeroLeaks
Compare ZeroLeaks alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to ZeroLeaks in 2026. Compare features, ratings, user reviews, pricing, and more from ZeroLeaks competitors and alternatives in order to make an informed decision for your business.
-
1
SOCRadar provides a unified, cloud-hosted platform designed to enrich your cyber threat intelligence by contextualizing it with data from your attack surface, digital footprint, dark web exposure, and supply chain. We help security teams see what attackers see by combining External Attack Surface Management, Cyber Threat Intelligence, and Digital Risk Protection into a single, easy-to-use solution. This enables your organization to discover hidden vulnerabilities, detect data leaks, and shut down threats like phishing and brand impersonation before they can harm your business. By combining these critical security functions, SOCRadar replaces the need for separate, disconnected tools. Our holistic approach offers a streamlined, modular experience, providing a complete, real-time view of your threat landscape to help you stay ahead of attackers.
-
2
ZeroPath
ZeroPath
ZeroPath (YC S24) is an AI-native application security platform that delivers comprehensive code protection beyond traditional SAST. Founded by security engineers from Tesla and Google, ZeroPath combines large language models with advanced program analysis to find and automatically fix vulnerabilities. ZeroPath provides complete security coverage: 1. AI-powered SAST for business logic flaws & broken authentication 2. SCA with reachability analysis 3. Secrets detection and validation 4. Infrastructure as Code 5. Automated patch generation. any more... ZeroPath delivers 2x more real vulnerabilities with 75% fewer false positives. Our research team has been successful in finding vulns like critical account takeover in better-auth (CVE-2025-61928, 300k+ weekly downloads), identifying 170+ verified bugs in curl, and discovering 0-days in production systems at Netflix, Hulu, and Salesforce. Trusted by 750+ companies and performing 200k+ code scans monthly. -
3
WebOrion Protector Plus
cloudsineAI
WebOrion Protector Plus is a GPU-powered GenAI firewall engineered to provide mission-critical protection for generative AI applications. It offers real-time defenses against evolving threats such as prompt injection attacks, sensitive data leakage, and content hallucinations. Key features include prompt injection attack protection, safeguarding intellectual property and personally identifiable information (PII) from exposure, content moderation and validation to ensure accurate and on-topic LLM responses, and user input rate limiting to mitigate risks of security vulnerability exploitation and unbounded consumption. At the core of its capabilities is ShieldPrompt, a multi-layered defense system that utilizes context evaluation through LLM analysis of user prompts, canary checks by embedding fake prompts to detect potential data leaks, pand revention of jailbreaks using Byte Pair Encoding (BPE) tokenization with adaptive dropout. -
4
TROJAI
TROJAI
Even the best AI models can have hidden risks. Identify and address potential problems before they impact your business, ensuring smooth AI adoption and compliance. AI applications are vulnerable to new and sophisticated attacks. Stay ahead of the curve by protecting your models and applications from data poisoning, prompt injection, and other emerging threats. Leverage cutting-edge public AI services with confidence. We help you ensure responsible use and prevent data leaks, so you can focus on innovation without worry. The TROJAI security platform enables organizations to comply with benchmarks such as the OWASP AI framework as well as privacy regulations by testing models prior to deployment and protecting applications from things such as sensitive data loss once deployed. -
5
Plurilock AI PromptGuard
Plurilock Security
Plurilock AI PromptGuard is a new, patent-pending security tool designed to protect companies against data leaks while their employees use generative AI platforms like ChatGPT. Unlike other solutions to the generative AI data leakage problem, PromptGuard doesn't block AI use or individual AI prompts. Instead, PromptGuard relies on a mature DLP engine to detect sensitive data in prompts and anonymize it before it is sent to the AI platform. When the AI platform returns an answer, PromptGuard restores the original references before showing them to the user. This preserves the workflow and query flow of AI, enabling users to productively use it, while keeping sensitive data out of the AI platform's hands. PromptGuard also provides a complete, bi-directional audit log of queries and replies for each user, enabling companies to create a compliance-friendly record of what was sent to AI, and what AI sent back. -
6
LangProtect
LangProtect
LangProtect is an AI-native security and governance platform that protects LLM and Generative AI applications from prompt injection, jailbreaks, sensitive data leakage, and unsafe or non-compliant outputs. Built for production GenAI, it enforces real-time runtime controls at the AI execution layer by inspecting prompts, model responses, and tool/function calls as they happen. This allows teams to block high-risk behavior before it reaches end users, triggers downstream actions, or exposes confidential data. LangProtect integrates into existing LLM stacks via an API-first approach with minimal latency and supports cloud, hybrid, and on-prem deployments for enterprise security and data residency needs. It also secures modern architectures such as RAG pipelines and agentic workflows with policy-driven enforcement, continuous visibility, and audit-ready governance. -
7
Wardstone
JRL Software LTD
Wardstone is an LLM security API that sits between applications and language model providers, scanning inputs and outputs for threats across four categories in a single call: prompt attacks, content violations, data leakage, and unknown links. It detects jailbreaks, prompt injections, harmful content (hate, violence, self-harm), PII (SSNs, credit cards, emails, phone numbers), and suspicious URLs. Each response returns risk bands per category with sub-30ms latency. Works with any LLM provider. REST API with SDKs for TypeScript, Python, Go, Ruby, PHP, Java, and C#. Free tier at 10,000 calls/month, no credit card required. Includes a browser-based playground for testing.Starting Price: $0/month -
8
Lakera
Lakera
Lakera Guard empowers organizations to build GenAI applications without worrying about prompt injections, data loss, harmful content, and other LLM risks. Powered by the world's most advanced AI threat intelligence. Lakera’s threat intelligence database contains tens of millions of attack data points and is growing by 100k+ entries every day. With Lakera guard, your defense continuously strengthens. Lakera guard embeds industry-leading security intelligence at the heart of your LLM applications so that you can build and deploy secure AI systems at scale. We observe tens of millions of attacks to detect and protect you from undesired behavior and data loss caused by prompt injection. Continuously assess, track, report, and responsibly manage your AI systems across the organization to ensure they are secure at all times. -
9
ZenGuard AI
ZenGuard AI
ZenGuard AI is a security platform designed to protect AI-driven customer experience agents from potential threats, ensuring they operate safely and effectively. Developed by experts from leading tech companies like Google, Meta, and Amazon, ZenGuard provides low-latency security guardrails that mitigate risks associated with large language model-based AI agents. Safeguards AI agents against prompt injection attacks by detecting and neutralizing manipulation attempts, ensuring secure LLM operation. Identifies and manages sensitive information to prevent data leaks and ensure compliance with privacy regulations. Enforces content policies by restricting AI agents from discussing prohibited subjects, maintaining brand integrity and user safety. The platform also provides a user-friendly interface for policy configuration, enabling real-time updates to security settings.Starting Price: $20 per month -
10
CalypsoAI
CalypsoAI
Customizable content scanners ensure any confidential and sensitive data or intellectual property included in a prompt never leaves your organization. Responses from LLMs are scanned for code written in a wide variety of languages and responses containing it are prevented from gaining access to your system. Scanners deploy a wide array of techniques to identify and stop prompts that attempt to circumvent systematic and organizational parameters for LLM activity. in-house subject matter experts ensures your teams use information provided by LLMs with confidence. Don't let fear of falling victim to the vulnerabilities inherent in large language models hinder your organization's ability to gain a competitive advantage. -
11
ZeroTrusted.ai
ZeroTrusted.ai
Large Language Models (LLMs) learn from vast datasets, which might include your sensitive information. This presents risks of unintentional data exposure and exploitation by unethical LLM providers or malicious actors. ZeroTrusted.ai’s LLM Firewall is designed to protect you from these threats. Our sanitization model is intelligent enough to detect GDPR, PHI, PII, PCI data etc. It’s constantly trained with compliance requirements data for from NIST. That way you fulfill your compliance requirement while automating the process. There are plenty other features like for prompt optimization, reducing hallucinations and data injection using our LLM ensemble technique and lots of other feature. These features are only available on the business plan however.Starting Price: $19.99 per month -
12
Rafter
Rafter
Rafter is a developer-friendly security scanning platform that lets you detect and address vulnerabilities in your GitHub repositories with a single click or command. It integrates seamlessly via a browser-based dashboard, CLI, or REST API to scan JavaScript, TypeScript, and Python code for a range of issues, including exposed API keys, SQL injection, XSS flaws, insecure dependencies, hardcoded credentials, and authentication weaknesses. Results are clearly categorized into “Errors,” “Warnings,” and “Improvements,” each offering detailed explanations, code locations, remediation steps, and formatted prompts ready to paste into AI coding assistants. You can view findings in JSON or Markdown, automate scans within CI/CD pipelines, and pull scan results directly into your workflows. Whether you prefer no-code, low-code, or full-code environments, Rafter adapts flexibly to your setup, making proactive security early in development effortless and scalable.Starting Price: $39 -
13
Operant
Operant AI
Operant AI shields every layer of modern applications, from Infra to APIs. Within minutes of a single-step deployment, Operant provides full-stack security visibility and runtime controls, blocking a wide range of common and critical attacks including data exfiltration, data poisoning, zero day vulns, lateral movement, cryptomining, prompt injection, and more. All with zero instrumentation, zero drift, and zero friction between Dev, Sec, and Ops. Operant's in-line runtime protection of all data-in-use, across every interaction from infra to APIs, brings a new level of defense to your cloud-native apps with zero instrumentation, zero application code changes and zero integrations. -
14
MCP Defender
MCP Defender
MCP Defender is an open source desktop application that functions as an AI firewall, designed to monitor and protect Model Context Protocol (MCP) communications. It acts as a secure proxy between AI applications and MCP servers, analyzing all communications for potential threats in real-time. It automatically scans and protects all MCP tool calls, providing advanced LLM-powered detection of malicious activity. Users can manage the signatures used during scanning, allowing for customizable security measures. MCP Defender identifies and blocks common AI security threats, including prompt injection, credential theft, arbitrary code execution, and remote command injection. It supports integration with various AI applications such as Cursor, Claude, Visual Studio Code, and Windsurf, with more applications to be supported in the future. It offers intelligent threat detection, alerting users as soon as it identifies any malicious activity being performed by AI apps.Starting Price: Free -
15
ZeroThreat.ai
ZeroThreat Inc.
ZeroThreat.ai is an automated penetration testing and vulnerability scanning platform designed to secure web applications and APIs. It detects, prioritizes, and helps mitigate over 40,000+ vulnerabilities, including OWASP Top 10 and CWE Top 25 issues such as logic flaws, misconfigurations, and data leaks. With near-zero false positives and AI-generated remediation reports, ZeroThreat.ai enables security and development teams to identify and fix vulnerabilities up to 10x faster. It integrates seamlessly with CI/CD pipelines, Slack, and Microsoft Teams for continuous testing and real-time alerts. Built for startups and enterprises alike, ZeroThreat.ai delivers speed, accuracy, and scalability, ensuring secure releases and continuous protection against evolving threats.Starting Price: $100/Target -
16
LLM Guard
LLM Guard
By offering sanitization, detection of harmful language, prevention of data leakage, and resistance against prompt injection attacks, LLM Guard ensures that your interactions with LLMs remain safe and secure. LLM Guard is designed for easy integration and deployment in production environments. While it's ready to use out-of-the-box, please be informed that we're constantly improving and updating the repository. Base functionality requires a limited number of libraries, as you explore more advanced features, necessary libraries will be automatically installed. We are committed to a transparent development process and highly appreciate any contributions. Whether you are helping us fix bugs, propose new features, improve our documentation, or spread the word, we would love to have you as part of our community.Starting Price: Free -
17
Zenity
Zenity
Enterprise copilots and low-code/no-code development platforms make it easier and faster than ever to create powerful business AI applications and bots. Generative AI makes it easier and faster for users of all technical backgrounds to spur innovation, automate mundane processes, and craft efficient business processes. Similar to the public cloud, AI and low-code platforms secure the underlying infrastructure, but not the resources or data built on top. As thousands of apps, automation, and copilots are built, prompt injection, RAG poisoning, and data leakage risks dramatically increase. Unlike traditional application development, copilots and low-code do not incorporate dedicated time for testing, analyzing, and measuring security. Unlock professional and citizen developers to safely create the things they need while meeting security and compliance standards. We’d love to chat with you about how your team can unleash copilots and low-code development. -
18
Prompt Security
Prompt Security
Prompt Security enables enterprises to benefit from the adoption of Generative AI while protecting from the full range of risks to their applications, employees and customers. At every touchpoint of Generative AI in an organization — from AI tools used by employees to GenAI integrations in customer-facing products — Prompt inspects each prompt and model response to prevent the exposure of sensitive data, block harmful content, and secure against GenAI-specific attacks. The solution also provides leadership of enterprises with complete visibility and governance over the AI tools used within their organization. -
19
NoPromptInjections
NoPromptInjections
AI apps are all the rage these days, but with them comes a new security danger: prompt injections. Similarly to code injections, they allow nefarious alteration of an app's function. The NoPromptInjection API allows developers to easily protect their apps. -
20
Tenable AI Exposure
Tenable
Tenable AI Exposure is an agentless, enterprise-grade solution embedded within the Tenable One exposure management platform that provides visibility, context, and control over how teams use generative AI tools like ChatGPT Enterprise and Microsoft Copilot. It enables organizations to monitor user interactions with AI platforms, including who is using them, what data is involved, and how workflows are executed, while detecting and remediating risks such as misconfigurations, unsafe integrations, and exposure of sensitive information (like PII, PCI, or proprietary enterprise data). It also defends against prompt injections, jailbreak attempts, policy violations, and other advanced threats by enforcing security guardrails without disrupting operations. Supported across major AI platforms and deployed in minutes with no downtime, Tenable AI Exposure helps organizations govern AI usage as a core part of their cyber risk strategy. -
21
LangWatch
LangWatch
Guardrails are crucial in AI maintenance, LangWatch safeguards you and your business from exposing sensitive data, prompt injection and keeps your AI from going off the rails, avoiding unforeseen damage to your brand. Understanding the behaviour of both AI and users can be challenging for businesses with integrated AI. Ensure accurate and appropriate responses by constantly maintaining quality through oversight. LangWatch’s safety checks and guardrails prevent common AI issues including jailbreaking, exposing sensitive data, and off-topic conversations. Track conversion rates, output quality, user feedback and knowledge base gaps with real-time metrics — gain constant insights for continuous improvement. Powerful data evaluation allows you to evaluate new models and prompts, develop datasets for testing and run experimental simulations on tailored builds.Starting Price: €99 per month -
22
Alice
Alice
Alice (formerly ActiveFence) is a security, safety, and trust platform built to protect AI systems and online platforms in the GenAI era. Powered by the world’s largest adversarial intelligence dataset, Alice safeguards over 3 billion users across more than 120 languages. Its Rabbit Hole intelligence engine continuously analyzes billions of toxic and manipulative data samples to detect emerging threats in real time. The WonderSuite platform includes tools like WonderBuild for pre-launch stress testing, WonderFence for runtime guardrails, and WonderCheck for automated red-teaming. By defending against prompt injection, jailbreaks, governance gaps, and harmful AI behavior, Alice enables enterprises and foundation model labs to innovate with confidence. -
23
Prompt Mixer
Prompt Mixer
Use Prompt Mixer to create prompts and chains. Combinе your chains with datasets and improve with AI. Develop a comprehensive set of test scenarios to assess various prompt and model pairings, determining the optimal combination for diverse use cases. Incorporate Prompt Mixer into your everyday tasks, from creating content to conducting R&D. Prompt Mixer can streamline your workflow and boost productivity. Use Prompt Mixer to efficiently create, assess, and deploy content generation models for various applications such as blog posts and emails. Use Prompt Mixer to extract or merge data in a completely secure manner and easily monitor it after deployment.Starting Price: $29 per month -
24
Rebuff AI
Rebuff AI
Store embeddings of previous attacks in a vector database to recognize and prevent similar attacks in the future. Use a dedicated LLM to analyze incoming prompts and identify potential attacks. Add canary tokens to prompts to detect leakages, allowing the framework to store embeddings about the incoming prompt in the vector database and prevent future attacks. Filter out potentially malicious input before it reaches the LLM. -
25
Superagent
Superagent
Superagent is an open source AI safety and agent development platform that helps developers and organizations build, deploy, and protect AI-driven applications and assistants by embedding safety guardrails, runtime security, and compliance controls into agent workflows. It provides purpose-trained models and APIs (such as Guard, Verify, and Redact) that block prompt injections, malicious tool calls, data leakage, and unsafe outputs in real time, while red-teaming tests probe production systems for vulnerabilities and deliver findings with remediation guidance. Superagent integrates with existing AI systems at inference and tool-call layers to filter inputs/outputs, remove sensitive data like PII/PHI, enforce policy constraints, and stop unauthorized actions before they occur, offering unified observability, live trace logs, policy controls, and audit trails for security and engineering teams.Starting Price: Free -
26
Tumeryk
Tumeryk
Tumeryk Inc. specializes in advanced generative AI security solutions, offering tools like the AI trust score for real-time monitoring, risk management, and compliance. Our platform empowers organizations to secure AI systems, ensuring reliable, trustworthy, and policy-aligned deployments. The AI Trust Score quantifies the risk of using generative AI systems, enabling compliance with regulations like the EU AI Act, ISO 42001, and NIST RMF 600.1. This score evaluates and scores the trustworthiness of generated prompt responses, accounting for risks including bias, jailbreak propensity, off-topic responses, toxicity, Personally Identifiable Information (PII) data leakage, and hallucinations. It can be integrated into business processes to help determine whether content should be accepted, flagged, or blocked, thus allowing organizations to mitigate risks associated with AI-generated content. -
27
Prompt Blaze
Prompt Blaze
Text-based prompts are stored in the extension and saved in your own browser's storage. No one else can see them, not even us. Categorize prompts for quick access with our drag-and-drop interface. Store prompts for later use when injecting context from any webpage. Export prompts easily to prevent data loss and maintain long-term access. Your data stays local, ensuring private ownership and control. Create powerful AI workflows by linking multiple prompts in sequence, allowing for complex tasks to be completed with minimal manual intervention. Easily connect prompts to create sophisticated AI processes. Pass data seamlessly between steps in your chain using placeholders. Run entire prompt chain sequences or individual steps as needed. Leverage special placeholders for popular sites like Amazon and YouTube. Designed for efficiency and personalized customization our quick reply menu offers unparalleled user customization.Starting Price: $49 one-time payment -
28
Lunary
Lunary
Lunary is an AI developer platform designed to help AI teams manage, improve, and protect Large Language Model (LLM) chatbots. It offers features such as conversation and feedback tracking, analytics on costs and performance, debugging tools, and a prompt directory for versioning and team collaboration. Lunary supports integration with various LLMs and frameworks, including OpenAI and LangChain, and provides SDKs for Python and JavaScript. Guardrails to deflect malicious prompts and sensitive data leaks. Deploy in your VPC with Kubernetes or Docker. Allow your team to judge responses from your LLMs. Understand what languages your users are speaking. Experiment with prompts and LLM models. Search and filter anything in milliseconds. Receive notifications when agents are not performing as expected. Lunary's core platform is 100% open-source. Self-host or in the cloud, get started in minutes.Starting Price: $20 per month -
29
16x Prompt
16x Prompt
Manage source code context and generate optimized prompts. Ship with ChatGPT and Claude. 16x Prompt helps developers manage source code context and prompts to complete complex coding tasks on existing codebases. Enter your own API key to use APIs from OpenAI, Anthropic, Azure OpenAI, OpenRouter, or 3rd party services that offer OpenAI API compatibility, such as Ollama and OxyAPI. Using API avoids leaking your code to OpenAI or Anthropic training data. Compare the code output of different LLM models (for example, GPT-4o & Claude 3.5 Sonnet) side-by-side to see which one is the best for your use case. Craft and save your best prompts as task instructions or custom instructions to use across different tech stacks like Next.js, Python, and SQL. Fine-tune your prompt with various optimization settings to get the best results. Organize your source code context using workspaces to manage multiple repositories and projects in one place and switch between them easily.Starting Price: $24 one-time payment -
30
garak
garak
garak checks if an LLM can be made to fail in a way we don't want. garak probes for hallucination, data leakage, prompt injection, misinformation, toxicity generation, jailbreaks, and many other weaknesses. garak's a free tool, we love developing it and are always interested in adding functionality to support applications. garak is a command-line tool, it's developed in Linux and OSX. Just grab it from PyPI and you should be good to go. The standard pip version of garak is updated periodically. garak has its own dependencies, you can to install garak in its own Conda environment. garak needs to know what model to scan, and by default, it'll try all the probes it knows on that model, using the vulnerability detectors recommended by each probe. For each probe loaded, garak will print a progress bar as it generates. Once the generation is complete, a row evaluating that probe's results on each detector is given.Starting Price: Free -
31
PromptPerformance
Prompt
PromptPerformance®, a streamlined and customizable performance management solution. PromptPerformance® interfaces seamlessly with PromptPayPlanner®, and is designed to keep pace with the ever-changing landscape of performance management. Prompt Inc. is an industry innovator with regard to security, utilizing field-level encryption in the database, as well as encryption “over the wire” as your company information travels via the internet or your own internal network. It all comes down to math, logic, workflow and an easy-to-use interface. Includes reports built to your exact specifications. Beautify your communications with employees and managers. Incorporate your performance review and goal setting processes. -
32
APIsec
APIsec
Hackers are targeting loopholes in API logic. Learn how to secure APIs and prevent breaches and data leaks. APIsec finds critical flaws in API logic that attackers target to gain access to sensitive data. Unlike traditional security solutions that look for common security issues, such as injection attacks and cross-site scripting, APIsec pressure-tests the entire API to ensure no endpoints can be exploited. With APIsec you’ll know about vulnerabilities in your APIs before they get into production where hackers can exploit them. Run APIsec tests on your APIs at any stage of the development cycle to identify loopholes that can unintentionally give attackers access to sensitive data and functionality. Security doesn’t have to slow down Development. APIsec runs at the speed of DevOps, giving you continuous visibility into the security of your APIs. No need to wait for the next scheduled pen-test, APIsec tests are complete in minutes.Starting Price: $500 per month -
33
Fasoo AI-R DLP
Fasoo
Fasoo AI-R DLP is an advanced data protection solution that safeguards sensitive information from being exposed through generative AI platforms. Built to meet the growing challenges of AI adoption in the workplace, it monitors user interactions in real time and blocks attempts to share confidential data through AI prompts. This solution uses intelligent pattern recognition and policy-based controls to enforce security across departments, user roles, and devices. It gives organizations the flexibility to customize policies and restrict risky AI use while still enabling productivity. With support for Remote Browser Isolation (RBI), Fasoo AI-R DLP creates a secure environment for AI interactions, ensuring sensitive content stays protected within corporate boundaries. Ideal for companies adopting generative AI tools at scale, Fasoo AI-R DLP provides deep visibility into user activity with detailed logs and alerting mechanisms. -
34
HashiCorp Boundary
HashiCorp
Access any system from anywhere based on user identity. Traditional approaches like SSH bastion hosts or VPNs require distributing and managing credentials, configuring network controls like firewalls, and exposing the private network. Boundary provides a secure way to access hosts and critical systems without having to manage credentials or expose your network, and is entirely open source. Authenticate with any trusted identity provider you are already using. No need to distribute new credentials and manage them. Authorize access based on logical roles and services, instead of physical IP addresses. Manage dynamic infrastructure and integrate service registries so hosts and service catalogs are kept up-to-date. Automate credential injection to securely access services and hosts with HashiCorp Vault. Reduce risk of leaking credentials with dynamic secrets and just-in-time credentials. -
35
API Fuzzer
Fuzzapi
API Fuzzer allows to fuzz-request attributes using common pentesting techniques and lists vulnerabilities. API Fuzzer gem accepts an API request as input and returns vulnerabilities possible in the API. Cross-site scripting vulnerability, SQL injection, blind SQL injection, XML external entity vulnerability, IDOR, API rate limiting, open redirect vulnerabilities, information disclosure flaws, info leakage through headers, and cross-site request forgery vulnerability.Starting Price: Free -
36
NVADR
RedHunt Labs
Discover, track and secure your exposed assets. You provide us the seed information, such as your company domain(s). Using 'NVADR', we discover your perimeter attack surface and monitor for sensitive data leakage. A comprehensive vulnerability assessment is performed on the discovered assets and security issues with an actual impact are identified. Continuously monitor the Internet for code / secret information leakage notify you as any such information about your organization is leaked. A detailed report is provided with analytics, stats and visualizations for your organization's Attack Surface. Comprehensively discover your Internet Facing Assets using our Asset Discover Platform, NVADR. Identify verified and correlated shadow IT hosts along with their detailed profile. Easily track your assets in a Centrally Managed Inventory complimented with auto-tagging and Assets classification. Get notification of newly discovered assets as well as attack vectors affecting your assets. -
37
Asterisk
Asterisk
Asterisk is an AI-driven platform that automates the detection, verification, and patching of security vulnerabilities within codebases, effectively emulating the approach of a human security engineer. It excels in identifying complex business logic errors through context-aware scanning and provides comprehensive reports with near-zero false positives. Key features include automated patch generation, continuous real-time monitoring, and extensive support for major programming languages and frameworks. Asterisk's process involves indexing the codebase to create accurate call stack and code graph mappings, enabling precise vulnerability detection. The platform has demonstrated its efficacy by autonomously discovering vulnerabilities in systems. Founded by a team of seasoned security researchers and competitive CTF players, Asterisk is committed to leveraging AI to streamline code security audits and enhance vulnerability discovery. -
38
PrompTessor
PrompTessor
PrompTessor is a web-based SaaS platform that transforms AI prompt optimization through an intelligent analysis engine delivering deep insights, detailed metrics, and actionable optimization strategies. Users submit their prompts to receive a comprehensive effectiveness score, often on a 0–100 scale, that highlights strengths and areas for improvement across core dimensions such as clarity, specificity, context, goal orientation, structure, and constraints. The system offers granular feedback with visualization of performance metrics over time, continuous progress tracking, and side-by-side comparisons of optimized prompt variations generated to enhance AI performance. An intuitive interface guides both beginners and experts through prompt refinement: interactive dashboards display heatmaps of prompt components, while automated recommendations suggest rephrasing, restructuring, or adding context to maximize output quality.Starting Price: $10 per month -
39
DoCoreAI
MobiLights
DoCoreAI is an AI prompt optimization and telemetry platform designed for AI-first product teams, SaaS companies, and developers working with large language models (LLMs) like OpenAI & Groq (Infra). With a local-first Python client and secure telemetry engine, DoCoreAI enables teams to collect LLM usage metrics without exposing original prompts & ensuring data privacy. Key Capabilities: - Prompt Optimization → Improve efficiency and reliability of LLM prompts. - LLM Usage Monitoring → Track tokens, response times, and performance trends. - Cost Analytics → Monitor and optimize LLM costs across teams. - Developer Productivity Dashboards → Identify time savings and usage bottlenecks. - AI Telemetry → Collect detailed insights while maintaining user privacy. DoCoreAI helps businesses save on token costs, improve AI model performance, and give developers a single place to understand how prompts behave in production.Starting Price: $9/month -
40
Astra API Security Platform
Astra Security
Astra is a powerful API security platform designed to discover, test, and protect every API across your infrastructure. It continuously scans for over 10,000 vulnerabilities, including the OWASP API Top 10, data leaks, and authorization flaws. With Astra, teams can detect Shadow, Zombie, and Orphan APIs, identify sensitive data exposures, and fix vulnerabilities before attackers exploit them. The platform combines automated scanning with manual penetration testing from certified experts to deliver enterprise-grade protection. Seamless integrations with AWS, GCP, Postman, and CI/CD tools make security part of your DevOps workflow. Trusted by over 1,000 engineering teams, Astra empowers businesses to secure their APIs continuously and confidently.Starting Price: $499/month -
41
ChainForge
ChainForge
ChainForge is an open-source visual programming environment designed for prompt engineering and large language model evaluation. It enables users to assess the robustness of prompts and text-generation models beyond anecdotal evidence. Simultaneously test prompt ideas and variations across multiple LLMs to identify the most effective combinations. Evaluate response quality across different prompts, models, and settings to select the optimal configuration for specific use cases. Set up evaluation metrics and visualize results across prompts, parameters, models, and settings, facilitating data-driven decision-making. Manage multiple conversations simultaneously, template follow-up messages, and inspect outputs at each turn to refine interactions. ChainForge supports various model providers, including OpenAI, HuggingFace, Anthropic, Google PaLM2, Azure OpenAI endpoints, and locally hosted models like Alpaca and Llama. Users can adjust model settings and utilize visualization nodes. -
42
IBM Verify Trust
IBM
IBM Verify Trust software provides deep risk assessment to IAM systems, keeping discord to a minimum. Based on the IBM Trusteer risk engine, Verify Trust helps to protect against malicious actors while balancing multifactor authentication requirements. Integrate with your IAM system to configure adaptive access without starting from scratch. Provide frictionless digital experiences to reduce abandonment and improve brand reputation. Higher confidence in risk detection helps to limit false positives and unwarranted MFA prompts. Holistic risk context evaluated using AI and machine learning helps provide more secure authentication. Implement zero trust design principles behind the scenes to confidently allow access for genuine, low-risk consumers. Detect suspicious activity to challenge or block unauthorized account access. Help prevent malware and phishing attempts to gain access to credentials. Uncover deviations based on device hygiene, network characteristics, etc. -
43
NeuralTrust
NeuralTrust
NeuralTrust is the leading platform for securing and scaling LLM applications and agents. It provides the fastest open-source AI gateway in the market for zero-trust security and seamless tool connectivity, along with automated red teaming to detect vulnerabilities and hallucinations before they become a risk. Key Features: - TrustGate: The fastest open-source AI gateway, enabling enterprises to scale LLMs and agents with zero-trust security, advanced traffic management, and seamless app integration. - TrustTest: A comprehensive adversarial and functional testing framework that detects vulnerabilities, jailbreaks, and hallucinations, ensuring LLM security and reliability. - TrustLens: A real-time AI observability and monitoring tool that provides deep insights and analytics into LLM behavior.Starting Price: $0 -
44
Prompt Selected
Prompt Selected
Prompt Selected is an AI-powered browser extension that allows users to run custom ChatGPT prompts on any selected text, requiring their own OpenAI API key for functionality (BYOK). With unlimited prompts, prebuilt examples, and GPT model support, it simplifies grammar corrections, translations, and text summaries. The tool ensures data security with local key storage and zero tracking. Take control of your AI needs with one powerful, customizable extension.Starting Price: Free -
45
FireCompass
FireCompass
FireCompass runs continuously and indexes the deep, dark and surface web using elaborate recon techniques as threat actors. The platform then automatically discovers an organization's dynamic digital attack surface, including unknown exposed databases, cloud buckets, code leaks, exposed credentials, risky cloud assets, and open ports & more. FireCompass provides the ability to launch safe-attacks on your most critical applications and assets. Once you approve the scope on which the attacks need to be launched, FireCompass engine launches the multi-stage attacks, which includes network attacks, application attacks, and social engineering attacks to identify breach and attack paths. FireCompass helps to prioritize digital risks to focus efforts on the vulnerabilities that are most likely to be exploited. The dashboard summarizes the high, medium, and low priority risks and the recommended mitigation steps. -
46
Prompt Refine
Prompt Refine
Prompt Refine helps you run better prompt experiments. Small changes to a prompt can lead to very different results. With Prompt Refine you can run and iterate on prompts. Every time you run a prompt, it gets added to your history. There, you can see all the details from previous runs, with highlighted diffs. Organize your prompts into prompt groups and share them with friends and coworkers. When you're done testing, export your prompt runs into a CSV for further analysis. With Prompt Refine, you can also design generative prompts that guide users in formulating concise and specific prompts, enabling more meaningful interactions with AI models. Enhance your prompt interactions and unleash the full potential of AI with Prompt Refine today.Starting Price: $39 per month -
47
PromptBase
PromptBase
Prompts are becoming a powerful new way of programming AI models like DALL·E, Midjourney & GPT. However, it's hard to find good-quality prompts online. If you're good at prompt engineering, there's also no clear way to make a living from your skills. PromptBase is a marketplace for buying and selling quality prompts that produce the best results, and save you money on API costs. Find top prompts, produce better results, save on API costs, and sell your own prompts. PromptBase is an early marketplace for DALL·E, Midjourney, Stable Diffusion & GPT prompts. Sell your prompts on PromptBase and earn from your prompt crafting skills. Upload your prompt, connect with Stripe, and become a seller in just 2 minutes. Start prompt engineering instantly within PromptBase using Stable Diffusion. Craft prompts and sell them on the marketplace. Get 5 free generation credits every day.Starting Price: $2.99 one-time payment -
48
SentinelOne Purple AI
SentinelOne
Detect earlier, respond faster, and stay ahead of attacks. The industry’s most advanced AI security analyst and the only solution built on a single platform, console, and data lake. Scale autonomous protection across the enterprise with patent-pending AI technology. Streamline investigations by intelligently combining common tools, and synthesizing threat intelligence and contextual insights into a single conversational user experience. Find hidden risks, conduct deeper investigations, and respond faster, all in natural language. Train analysts with power query translations from natural language prompts. Advance your SecOps with our hunting quick starts, AI-powered analyses, auto-summaries, and suggested queries. Collaborate on investigations with shareable notebooks. Leverage a solution designed for data protection and privacy. Purple AI is never trained with customer data and is architected with the highest level of safeguards. -
49
promptfoo
promptfoo
Promptfoo discovers and eliminates major LLM risks before they are shipped to production. Its founders have experience launching and scaling AI to over 100 million users using automated red-teaming and testing to overcome security, legal, and compliance issues. Promptfoo's open source, developer-first approach has made it the most widely adopted tool in this space, with over 20,000 users. Custom probes for your application that identify failures you actually care about, not just generic jailbreaks and prompt injections. Move quickly with a command-line interface, live reloads, and caching. No SDKs, cloud dependencies, or logins. Used by teams serving millions of users and supported by an active open source community. Build reliable prompts, models, and RAGs with benchmarks specific to your use case. Secure your apps with automated red teaming and pentesting. Speed up evaluations with caching, concurrency, and live reloading.Starting Price: Free -
50
Threatrix
Threatrix
Threatrix autonomous platform manages your open source supply chain security and license compliance allowing your team to focus on delivering great software. Enter a new era of open source with Threatrix autonomous open source management. Threatrix autonomous platform effectively eliminates security risks and helps your team quickly manage license compliance in a single, tightly integrated platform. Scans complete in seconds, never holding up your builds. Proof of origin instantly ensures actionable results. Seamlessly processes billions of source files every day, providing unparalleled scalability for even the largest of organizations. Empower your vulnerability detection with unmatched control and risk visibility thanks to the unparalleled capabilities of our TrueMatch technology. A comprehensive vulnerability knowledge base aggregates all known open source vulnerability data and pre-zero-day vulnerability intelligence from the dark web.Starting Price: $41 per month
