Security Scanners

Scanners used within AquilaX AI

At AquilaX, we believe a top-notch Application Security and DevSecOps program should leverage the best of today’s trusted, mature open-source scanners. We openly showcase each scanner we use, allowing our clients to see exactly how we’re protecting their code. And for those needing more, we also integrate and offer a full range of both private and open-source scanners to cover all bases in application security.

| License | Used for |
| --- | --- |
| Apache 2.0 | Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew. |
| Apache 2.0 | Go security checker |
| Apache 2.0 | Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more |
| Apache 2.0 | Source code secret scanner by Goldman Sachs and FINOS |
| Apache 2.0 | CLI tool and library for generating a Software Bill of Materials from container images and filesystems |
| | The audit command submits a description of the dependencies configured in your project to your default registry and asks for a report of known vulnerabilities. |
| MIT | Protect and discover secrets using Gitleaks 🔑 |
| Apache 2.0 | An enterprise friendly way of detecting and preventing secrets in code. |
| Apache 2.0 | Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more |
| Apache 2.0 | An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark. |
| Apache 2.0 | Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx. |
| Apache 2.0 | Bandit is a tool designed to find common security issues in Python code. |
| MIT | Performant and security type-checking for python. |
| Apache 2.0 | Security risk analysis for Kubernetes resources |
| Apache 2.0 | OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies. |
| Apache 2.0 | Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command. |
| Apache 2.0 | Sobelow is a security-focused static analysis tool for Elixir & the Phoenix framework. |
| MIT | Web application attack surface scanner by Nullify |
