Cloudflare WAF — Global CDN with AI-powered WAF DDoS protection and bot management at scale.
Cloudflare Zero Trust — Comprehensive zero-trust platform with ZTNA, SWG, CASB, email security and browser isolation.
CloudSEK — AI-powered digital risk monitoring tracking brand impersonation, data leaks, and attack surface exposure across surface, deep, and dark web.
CloudSploit Scanner — Open-source cloud security configuration scanner for AWS, Azure, GCP and Oracle Cloud.
Cobalt Pentest — Pentest as a service combining human expertise with AI-powered vulnerability triage.
Cobalt Strike — Advanced adversary simulation and red team operations toolkit for post-exploitation, lateral movement, and C2 operations.
Code42 Incydr — Insider risk management detecting and responding to data exfiltration by employees and contractors.
CodeRabbit Platform — AI code review assistant analyzing pull requests with contextual security feedback.
Cofense PhishMe — Phishing simulation and security awareness training with AI-powered threat detection.
Concentric AI Semantic — Autonomous data security using deep learning to classify and protect sensitive data without rules.
ConductorOne — AI-powered access management with automated reviews and just-in-time provisioning.
Contrast Security — Runtime application security with IAST, RASP and SCA using AI for accurate vulnerability detection.
Corelight — Enterprise network detection and response built on open-source Zeek with AI analytics.
Covenant C2 — Open-source command and control framework for red team operations with collaborative features.
CrowdStrike Falcon + Charlotte AI — XDR platform with generative AI analyst enabling natural language queries across trillions of security events for faster investigations.
CrowdStrike Falcon Cloud — Cloud workload protection with AI threat detection runtime security and container scanning.
CrowdStrike Falcon Prevent — Next-gen antivirus with AI behavioral analysis. Top-rated in MITRE ATT&CK evaluations. Blocks known and unknown malware, ransomware, and fileless attacks using machine learning trained on trillions of events.
CrowdStrike Falcon X — AI-driven threat analysis integrated into Falcon platform with automated IOC scoring and adversary attribution.
Cuckoo Sandbox — Open-source automated malware analysis system executing suspicious files in isolated environments.
CyberArk — Privileged access management platform securing credentials, secrets, and privileged sessions across hybrid and cloud environments.
CyberArk Conjur — Open-source secrets management for DevOps with role-based access and seamless CI/CD integration.
CyberArk PAM — Privileged access management leader with AI-driven risk scoring and secrets management.
CyberChef — GCHQ open-source web app for data encoding decoding encryption and analysis operations.
Cybereason Defense Platform — AI-driven EDR and XDR with MalOp detection engine correlating attacks across endpoints.
Cyberhaven — AI-powered behavioral DLP tracking data lineage and preventing exfiltration in real time.
CyberX — Agentless IoT and OT security with automated asset discovery and vulnerability management.
Cyble Vision Platform — AI-powered threat intelligence with dark web monitoring, brand protection and attack surface discovery.
CyCognito — AI-powered external attack surface management with automated testing and risk prioritization.
Cyera — AI-powered DSPM with automatic data discovery and classification.
Cyera AI Data Security — AI-powered data security posture management platform discovering and classifying sensitive data across cloud environments
Cyera AI Guardian — AI-SPM plus AI Runtime Protection with granular AI asset inventory and data security.
Cymulate — Continuous security validation platform with BAS exposure management and automated red teaming.
Cynerio Platform — Healthcare IoT security with AI-driven device classification and attack detection.
Dalfox — Fast parameter analysis and XSS scanner with automatic payload generation and verification.
Darktrace DETECT Fraud — Self-learning AI for real-time anomaly detection across enterprise networks email cloud and OT.
Darktrace EMAIL — Self-learning AI email protection without rules or signatures.
Dashlane — Password manager with built-in VPN dark web monitoring and automated password changer.
Dazz Remediation Cloud — AI-powered security remediation platform that deduplicates and prioritizes vulnerability fixes across pipelines
DeepKeep AI Security — AI-native security platform providing automated red-teaming and runtime protection for LLM applications
Dehashed Search — Breach data search engine for security researchers to check exposed credentials and personal data.
Delinea — PAM solutions with AI-powered privilege management and DevOps secrets vault.
Dependabot Security — GitHub-native automated dependency updates and security vulnerability patching for repositories.
Descope IAM — Drag-and-drop customer identity platform with passwordless auth and fraud prevention flows.
Detectify — External attack surface monitoring with crowdsourced vulnerability research and automated scanning.
Detectree AI Phishing — AI-powered phishing URL detection engine using decision tree models and real-time threat feeds.
Devo Security Platform — Cloud-native SIEM with real-time analytics, 400-day hot data retention and AI-powered investigation.
Digital Guardian — Data-centric security platform with DLP endpoint detection and managed security services.
Dirsearch — Web path discovery tool for brute forcing directories and files on web servers.
DNSDumpster — Free domain research tool for discovering hosts related to a domain and DNS records.
Doppler SecretOps — Universal secrets management platform syncing environment variables across apps and infrastructure.
Dragos — Industrial cybersecurity platform for OT threat detection with ICS-specific threat intelligence.
Drata — Compliance automation platform for SOC 2 ISO 27001 with continuous control monitoring.
DTEX InTERCEPT — AI-powered insider threat management with behavioral intelligence and workforce cyber protection.
Duality Technologies — Privacy-enhancing computation platform using homomorphic encryption for secure data collaboration.
Egress Email Security — AI-powered adaptive email security preventing inbound phishing and outbound data breaches.
Elastic Security — Unified SIEM, endpoint security, and cloud security built on the Elastic Stack. Free and open tier available, with AI-driven detection and response.
Emailage by LexisNexis — Email risk scoring and digital identity intelligence for fraud prevention.
Endor Labs Platform — Function-level reachability SCA with 92% noise reduction and built-in compliance automation.
Endor Labs SCA — Next-generation software composition analysis with reachability analysis to eliminate false positives
Ermetic — Cloud infrastructure entitlement management with AI-powered permission analysis and remediation.
ESET Protect Platform — Multi-layered endpoint protection with AI-powered detection, cloud sandboxing and XDR.
Exabeam — Behavioral analytics SIEM with AI-driven user and entity behavior analytics detecting insider threats and compromised accounts.
ExpressVPN — Premium VPN with Lightway protocol TrustedServer technology and strong privacy features.
ExtraHop RevealX — Cloud-native NDR with AI-powered network traffic analysis and real-time threat detection.
F5 Distributed Cloud WAF — Enterprise WAF with AI-driven threat intelligence multi-cloud protection and API security.
Falco Runtime — Open-source cloud-native runtime security with real-time threat detection for containers and Kubernetes.
Featurespace — AI-powered real-time fraud and financial crime prevention using adaptive behavioral analytics.
Ffuf — Fast web fuzzer written in Go for directory discovery content discovery and parameter fuzzing.
Fidelis Network — Network detection and response with deep session inspection and automated threat hunting.
Filigran OpenBAS — Open-source breach and attack simulation platform by the OpenCTI team for security validation.
Filigran OpenCTI Cloud — Managed threat intelligence platform built on OpenCTI providing structured knowledge management for security teams
Flashpoint Intelligence — Threat intelligence covering deep and dark web, vulnerabilities, and geopolitical risk.
FOCA Tool — Open-source metadata extraction tool for finding hidden information in documents and files.
Forcepoint DLP — Enterprise DLP with risk-adaptive protection across web cloud and endpoint channels.
Forescout — Network access control and IoT security platform with automated device discovery and compliance.
Fortify SAST — Enterprise static application security testing with AI-assisted audit and 1000+ vulnerability categories.
Fortinet FortiAI — AI across FortiOS for automated threat hunting, malware analysis, and SOC orchestration.
Fortinet FortiEDR — Real-time AI endpoint protection with pre and post-infection response.
Fortinet FortiGate — AI-powered next-gen firewall with integrated IPS, SD-WAN and zero-trust network access.
Fossa Platform — Open-source license compliance and vulnerability management for modern development teams.
Frida — Dynamic instrumentation toolkit for developers and security researchers for runtime analysis.
FTK Imager — Data preview and imaging tool for creating forensic images and recovering deleted files.
Garak LLM Scanner — Open-source LLM vulnerability scanner testing for prompt injection jailbreaks and safety failures.
Ghauri SQLi Tool — Advanced SQL injection detection and exploitation tool with WAF bypass and multiple injection techniques.
Ghidra — NSA open-source software reverse engineering framework with decompiler and analysis tools.
GitGuardian — Secrets detection and remediation platform scanning repositories, CI/CD pipelines, and Docker images for leaked credentials and API keys.
GitGuardian DevSecOps — Secrets detection platform with 350+ detectors scanning code repos CI/CD and Docker images.
Kubescape — Open-source Kubernetes security platform with risk analysis compliance and misconfiguration scanning.
Lacework Platform — AI-powered behavioral anomaly detection across cloud workloads accounts and containers.
Lakera Guard Review 2026: Real-Time AI Security for LLMs — Lakera Guard protects LLMs from prompt injection, jailbreaks, and data leaks in real time via a simple API. Free tier available. Full review with pricing and alternatives.
Lasso Security — LLM security platform protecting against prompt injection data leakage and model manipulation.
LastPass — Popular password manager with autofill password sharing and security dashboard.
LayerX — Enterprise browser security platform protecting against web threats data leaks and shadow SaaS.
LetsDefend — Blue team training platform with SOC analyst simulations alert triage and incident response labs.
Lineaje SBOM360 — Software supply chain security platform providing deep SBOM intelligence and risk scoring
LogRhythm — AI-enabled SIEM with built-in SOAR and SmartResponse automation for rapid threat containment and compliance-focused reporting.
Lookout — Cloud security platform with mobile threat defense data protection and CASB capabilities.
Magnet AXIOM — Enterprise digital forensics and incident response platform for computer mobile and cloud evidence.
Maltego — Visual link analysis and data mining tool for OSINT investigations.
Malwarebytes ThreatDown — AI-powered endpoint security with automated remediation designed for lean security teams.
Mandiant Threat Intelligence — Google-backed threat intelligence with frontline expertise from incident response engagements.
Matano SIEM — Open-source cloud-native SIEM built on AWS with serverless log analysis and threat detection.
Material Security — Email security protecting sensitive data in mailboxes with redaction, access controls and DLP.
Medigate by Claroty — Healthcare IoT security platform with clinical device visibility and threat detection.
Mend.io Platform — Automated open-source security and license compliance with AI-powered remediation.
Metasploit — Industry-standard exploitation framework with massive exploit database. Community free and Pro commercial editions available.
MetricStream — AI-first enterprise GRC platform with advanced risk intelligence and continuous controls monitoring.
Microsoft Defender for Endpoint — Enterprise endpoint security platform with AI-driven threat detection, automated investigation, and deep integration with Microsoft 365 and Azure.
Microsoft Entra ID — Cloud IAM with AI conditional access, risk-based auth, and identity governance.
Microsoft Entra ID IAM — Cloud IAM with AI conditional access risk-based authentication and identity governance.
Microsoft Purview — Unified data governance and DLP across Microsoft 365 Azure and multi-cloud environments.
Microsoft Sentinel + Security Copilot — Cloud-native SIEM with generative AI assistant for natural language threat hunting, automated incident summaries, and multilingual support.
Miggo Security ADR — Application detection and response platform identifying distributed application vulnerabilities at runtime
Mimecast — Cloud email security platform providing advanced threat protection, archiving, continuity, and awareness training against email-borne attacks.
Mimecast Email Security — Cloud-based email security with AI threat detection, continuity and archiving.
Mindgard AI Security — AI security testing platform with automated red teaming for machine learning models and LLMs.
MISP Platform — Open-source threat intelligence sharing platform for collaborative analysis and IOC exchange.
MITRE ATT&CK Navigator — Interactive tool for mapping and visualizing adversary techniques from the MITRE ATT&CK framework.
Mobb AI Autofix — AI-powered automated vulnerability remediation generating verified code fixes from SAST findings
MobSF — Open-source automated mobile application security testing framework for Android and iOS.
Mullvad VPN — Privacy-focused VPN with no account needed anonymous payment and fixed pricing.
Mythic C2 Platform — Collaborative multi-platform red teaming framework with modular agents and customizable payloads.
Naabu Port Scanner — Fast SYN/CONNECT port scanner by ProjectDiscovery optimized for large-scale reconnaissance.
Nessus Professional — Industry-standard vulnerability scanner with over 80000 plugins and compliance auditing.
NetRise XIoT Security — Firmware and XIoT security platform analyzing embedded device software for vulnerabilities at scale
Netskope — SASE platform with AI-powered data protection inline CASB and zero trust network access.
NetworkMiner — Open-source network forensics tool for OS fingerprinting, file extraction and packet analysis.
Nightfall AI for LLMs — AI-native DLP for ChatGPT, Copilot and LLM apps preventing sensitive data leakage in prompts.
Nightfall AI Review 2026: Cloud DLP for SaaS & GenAI Apps — Nightfall AI is a cloud-native DLP platform that detects and protects sensitive data (PII, secrets, credentials) across SaaS, email, and GenAI apps. Pricing and review inside.
Nikto Scanner — Open-source web server scanner testing for dangerous files, outdated software and misconfigurations.
Nmap — Industry-standard network scanner for port scanning, service and OS detection.
Noma Security — AI and agentic risk platform with continuous asset discovery and AI-SPM. Raised $100M.
Noname Security — API security platform providing discovery posture management runtime protection and testing.
NordPass — NordPass is a secure password manager from the makers of NordVPN, featuring zero-knowledge encryption, password health reports, and secure credential sharing.
NordVPN — Leading VPN with NordLynx protocol Threat Protection and double VPN for maximum security.
Normalyze DSPM — AI-powered data security posture management with agentless scanning and data flow mapping.
NowSecure — AI-powered mobile application security testing for iOS and Android with automated analysis.
Nozomi Networks — AI-powered OT and IoT network visibility and threat detection for critical infrastructure.
Nuclei Scanner — Fast open-source vulnerability scanner with template-based detection and community contributions.
Nudge Security SaaS — AI-powered SaaS security platform discovering and governing all cloud and GenAI app usage.
Offensive Security — Creator of OSCP the gold-standard penetration testing certification with hands-on labs.
Okta — Enterprise identity and access management platform providing SSO, MFA, and lifecycle management for workforce and customer identities.
Okta IAM — AI-enhanced identity and access management with adaptive MFA and universal directory.
Oligo Security — Runtime application security observability detecting library-level vulnerabilities in production
OneSpan Identity — Digital identity verification and authentication with AI-powered fraud analytics.
OneTrust — Privacy management and GRC platform with AI-powered data discovery and compliance automation.
Privacera — Unified data access governance and security for multi-cloud and AI environments.
Private AI — AI-powered PII detection and redaction for unstructured data across 50+ languages.
ProcessUnity TPRM — Third-party risk management platform with automated vendor assessments and continuous monitoring.
Prompt Armor LLM — Real-time prompt injection firewall protecting LLM applications from adversarial inputs and jailbreaks.
Prompt Security Platform — GenAI security for employees code assistants and AI agents with prompt injection defense.
Proofpoint — AI-powered email security and compliance platform protecting against phishing, BEC, malware, and data loss across email and cloud channels.
Proofpoint Email Protection — AI-powered email security with advanced threat protection, DLP and archiving for enterprises.
Proofpoint SAT — Security awareness training with targeted phishing simulations and adaptive learning modules.
Protect AI Platform — AI and ML security platform with model scanning supply chain risk and deployment gating.
ProtonMail — Swiss-based end-to-end encrypted email with zero-access encryption and no tracking.
ProtonVPN — Swiss-based privacy VPN with open-source clients Secure Core routing and free tier.
Prowler Cloud Security — Open-source cloud security tool performing AWS, Azure and GCP security assessments and compliance.
Pulsedive Intel — Community-powered threat intelligence with automated IOC enrichment and risk scoring.
PyRIT — Microsoft open-source Python toolkit for identifying risks in generative AI systems.
Qualys VMDR — AI-powered vulnerability management detection and response with TruRisk prioritization.
Qwiet AI CodeScan — AI-powered code analysis platform finding reachable vulnerabilities with 95% fewer false positives.
RAD Security — Cloud-native runtime security creating behavioral fingerprints for workload protection.
Radare2 Framework — Open-source reverse engineering framework with disassembler, debugger and binary analysis tools.
RangeForce — Enterprise cyber skills platform with hands-on SOC simulations and security operations training.
Rapid7 InsightVM — Cloud-powered vulnerability management with live dashboards and automated remediation workflows.
Reach Security Platform — AI platform that maps active threats to existing security tool configurations for optimal protection
Rebuff AI Defense — Open-source self-hardening prompt injection detection framework with multi-layer defense.
Recon-ng — Modular web recon framework with Metasploit-like interface.
Recorded Future Intelligence — AI-powered threat intelligence platform with real-time analysis of open web, dark web and technical sources.
REMnux Distro — Linux toolkit for reverse-engineering and analyzing malicious software with 700+ pre-installed tools.
Responder Tool — LLMNR, NBT-NS and MDNS poisoner for credential harvesting during internal penetration tests.
Rezilion Platform — AI-powered vulnerability validation determining which CVEs are actually exploitable in runtime.
Rezonate Identity Risk — Cloud identity threat detection and response platform discovering and remediating identity attack paths
Riskified Platform — Machine learning ecommerce fraud prevention with chargeback guarantee and revenue optimization.
RiskRecon by Mastercard — Third-party cyber risk management with continuous assessment and detailed security performance insights.
RoboForm — Password manager with one-click form filling, AES-256 encryption, secure password generator, and cross-device sync across Windows, Mac, iOS, and Android.
Robust Intelligence — AI firewall and continuous validation platform protecting ML models in production.
Runecast Analyzer — AI-powered security compliance for VMware, AWS, Azure and Kubernetes environments.
RunReveal SIEM — Next-generation cloud-native SIEM built on modern data architecture for cost-effective security log analysis
SafeBreach — Breach and attack simulation with continuous security validation and risk-based remediation.
SailPoint IAM — AI-powered identity governance with automated access certifications and role mining.
Salt Security — AI-powered API security platform discovering monitoring and protecting APIs from attacks.
Sardine AI Fraud — AI-native fraud prevention with device intelligence, behavioral biometrics and instant bank verification.
Saviynt — AI-enhanced identity governance and cloud PAM with intelligent access analytics.
Savvy Security — SaaS security platform providing just-in-time guardrails for workforce identity and app governance.
SCADAfence Platform — OT and IoT network monitoring with asset discovery, threat detection and compliance management.
SecurityTrails — Historical DNS and domain intelligence platform for security research and OSINT.
Securonix SIEM — Cloud-native SIEM with UEBA and SOAR using AI to detect advanced insider threats.
Seemplicity Remediation — Automated security remediation operations platform reducing backlog across vulnerability and finding management
Semgrep Platform — Lightweight SAST SCA and secrets detection with AI noise filtering and 98% false positive reduction.
SentinelOne Purple AI — Generative AI hunting and response assistant accelerating threat investigations with open telemetry ingestion from third-party sources.
SentinelOne Singularity — Autonomous AI EDR/XDR with one-click rollback. Gartner Leader four years running.
SentinelOne Singularity — AI-powered autonomous endpoint protection platform with EDR/XDR, automated response, and threat hunting across endpoints, cloud, and identity.
Shield AI Fraud — AI-powered fraud detection for mobile-first businesses with device fingerprinting and risk scoring.
Shodan Search Engine — Internet-connected device search engine for discovering exposed services, IoT devices and vulnerabilities.
Sift Digital Trust — AI-powered digital trust platform preventing payment fraud, account takeover and content abuse.
SIFT Workstation — SANS open-source incident response and forensic tools collection built on Ubuntu.
Signal — Open-source end-to-end encrypted messaging app with disappearing messages and no data collection.
Silk Security — AI-driven risk prioritization platform cutting through finding noise across AppSec cloud and infra
Silverfort Platform — Agentless identity security with AI-powered MFA and identity threat detection across all resources.
Silverfort Unified Identity — Agentless unified identity protection extending MFA and zero trust to any resource including legacy systems
SlashNext — AI phishing protection with real-time URL analysis across all channels.
Sliver C2 Framework — Open-source cross-platform adversary emulation framework by BishopFox for red team operations.
Snort — Open-source network intrusion detection and prevention system (IDS/IPS) with real-time traffic analysis, packet logging, and rule-based threat detection.
Snort IDS — Open-source intrusion detection and prevention system with real-time traffic analysis by Cisco.
Snyk Cloud Security — Developer-first cloud security with IaC scanning, drift detection and cloud context analysis.
Snyk Code SAST — AI-powered SAST scanning code in real-time with developer-friendly fix suggestions.
Snyk Container Security — AI-powered container vulnerability scanning for images and Kubernetes workloads.
Snyk DevSecOps — Developer-first security with AI-powered SAST, SCA, container and IaC scanning.
Snyk Learn — Free developer security education platform with interactive lessons on common vulnerabilities.
Socket Supply Chain — AI-powered supply chain security detecting malicious and risky open-source dependencies before install.
SOCRadar Platform — AI-powered extended threat intelligence with digital risk protection and attack surface management.
SonarCloud Analysis — Cloud-based code quality and security analysis with AI-powered issue detection for 30+ languages.
SonarQube Platform — Code quality and SAST platform with AI CodeFix quality gate enforcement and 30+ language support.
Sonatype Nexus Lifecycle — AI-powered software supply chain security with component analysis and policy enforcement.
Sonrai Security — Cloud permissions and data security platform with identity governance and blast radius analysis.
Sophos Intercept X — AI-powered endpoint protection with deep learning malware detection and anti-ransomware.
SpamTitan Gateway — AI-powered email security gateway with sandboxing, DLP and phishing protection for businesses.
Spec Application Intelligence — Real-time application journey intelligence platform detecting fraud bots and abuse across user workflows
SpiderFoot — Open-source automated OSINT tool with 200+ data source modules.
Splunk — AI-powered SIEM platform for security monitoring, threat detection, and incident response with machine learning analytics.
Splunk with AI — Industry-leading SIEM with ML-powered anomaly detection, predictive analytics, and AI assistant capabilities for security operations.
Sprinto — Automated compliance platform for SOC 2 ISO 27001 with risk management and audit support.
Sprocket Security — Continuous penetration testing platform combining AI automation with human-led attack simulation.
SQLMap — Open-source automatic SQL injection detection and exploitation tool.
StackHawk DAST — Developer-first dynamic application security testing running in CI/CD with OpenAPI integration.
Steampipe Cloud Query — Open-source tool querying cloud APIs using SQL for security, compliance and infrastructure analysis.
Stellar Cyber Open XDR — Open XDR platform with AI-driven correlation across network endpoint and cloud for MSSPs.
Strata Identity — Identity orchestration platform enabling multi-cloud identity management without ripping and replacing existing IDPs
Strix Offensive — Autonomous AI agents generating PoC exploits with CI/CD integration. 19K+ GitHub stars.
Subfinder — Fast passive subdomain enumeration tool supporting many data sources for bug bounty recon.
Subjack Takeover — Open-source subdomain takeover detection tool scanning for vulnerable CNAME records at scale.
Sublime Security Email — Open-core email security platform with customizable detection rules and AI-assisted triage.
Surfshark — Affordable VPN with unlimited device connections CleanWeb ad blocker and MultiHop.
Suricata — Open-source high performance network IDS IPS and security monitoring engine.
Sweet Security Runtime — Cloud runtime security platform using behavioral profiling for real-time threat detection
Swimlane Turbine — AI-powered SOAR platform with low-code automation and case management for security operations.
Symantec DLP — Enterprise data loss prevention with content-aware detection across endpoints network and cloud.
Synack Platform — Premium crowdsourced security testing with vetted researchers and AI-powered analytics.
Sysdig — Cloud and container security with runtime threat detection powered by Falco.
Sysdig Secure Platform — Cloud and container security with runtime threat detection powered by open-source Falco engine.
Zenity AI Governance — Enterprise platform securing and governing low-code no-code and AI-powered business applications
ZeroFox Platform — External cybersecurity platform with AI-powered digital risk protection and threat intelligence.
Zimperium — AI-driven mobile threat defense protecting devices apps and networks from advanced attacks.
ZoomEye Platform — Cyberspace search engine mapping internet assets with device fingerprinting and vulnerability detection.
Zscaler — Cloud-native zero trust platform providing secure internet access, private access, and digital experience monitoring for distributed workforces.
Zscaler Data Protection — Inline AI-powered DLP protecting data across web, SaaS, email and private apps.
Zscaler Internet Access — Cloud-native secure web gateway with AI-powered threat prevention and zero trust architecture.
Zscaler Private Access — Zero trust network access replacing VPNs with AI-powered adaptive access control.