Doppler
A platform for managing sensitive application secrets securely in cloud and DevOps environments.
Amazon Detective
A security service that automates the collection and analysis of log data from AWS resources to investigate security issues.
HashiCorp Vault
A tool for managing and securing sensitive data such as tokens, passwords, certificates, and API keys.
Bridgecrew
Bridgecrew automates the identification and remediation of misconfigurations in cloud infrastructure, leveraging its open-source tool Checkov for static analysis of IaC templates.
Sigstore
A tool for ensuring the integrity and authenticity of software artifacts in the supply chain.
Checkmarx SAST
A static application security testing tool that identifies and mitigates security vulnerabilities early in the software development life cycle.
Stacklet Platform
A governance as code platform that extends Cloud Custodian for managing cloud security, compliance, and cost across multiple cloud environments.
Snyk Cloud
Snyk Cloud secures cloud environments by integrating security checks into the development lifecycle, automating scans and continuous monitoring of cloud configurations.
HashiCorp Sentinel
HashiCorp Sentinel is a policy-as-code framework that enables fine-grained policy enforcement across infrastructure management tools, ensuring compliance with business and regulatory requirements.
Snyk Cloud Security
A platform for securing cloud-native applications and infrastructure by integrating security into the software development lifecycle.
Open Policy Agent
Open Policy Agent (OPA) is a unified policy framework that enables fine-grained, context-aware policy management across cloud-native systems.
Spectral
A DevSecOps tool that integrates security into the software development lifecycle, focusing on secret protection and code security.