Security Scanners
Scanners used within AquilaX AI
At AquilaX, we believe a top-notch Application Security and DevSecOps program should leverage the best of today’s trusted, mature open-source scanners. We openly showcase each scanner we use, allowing our clients to see exactly how we’re protecting their code. And for those needing more, we also integrate and offer a full range of both private and open-source scanners to cover all bases in application security.
Apache 2.0
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
Apache 2.0
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Apache 2.0
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
The audit command submits a description of the dependencies configured in your project to your default registry and asks for a report of known vulnerabilities.
Apache 2.0
An enterprise friendly way of detecting and preventing secrets in code.
Apache 2.0
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
Apache 2.0
An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.
Apache 2.0
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
Apache 2.0
Bandit is a tool designed to find common security issues in Python code.
Apache 2.0
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
Apache 2.0
Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.
Apache 2.0
Sobelow is a security-focused static analysis tool for Elixir & the Phoenix framework.
MIT
Web application attack surface scanner by Nullify
Last updated