Curating security tools

Hexagon shape

Building workflows

Finding vulnerabilities

Generating capacity for your team

Hexagon shape

Without any code

See the product demo today

Interested in maximising your security with ease? Secure your demo now to see how Smithy saves time and enhances protection.

View Demo

We are Open-Core

We are the only security workflows engine with a growing community of dedicated contributors. Our open core allows stakeholders to have complete transparency on approach and security. We don't gather "analytics", we don't use your data for machine learning. We don't maintain relationships via vendor lock-in. If you need to offboard from Smithy-Pro, you can do so, seamlessly. Smithy-Pro is fully compatible with Open-Smithy. Have a look at the open source version of Smithy

View the Project on GitHub

DevSecOps explorer

Do you want to visualise your DevSecOps process? Have a look at the new tool explorer.

Explore
Explorer screenshot
explorer screenshot

Our Integrations

Build the perfect set of tools for the task at hand, speed up
your tasks, and leave the heavy lifting to us.

See all integrations
Source
wget wget
Producer
Tfsec Tfsec
Producer
Black duck Black duck
Producer
Docker-Trivy Docker-Trivy
Enricher
Deduplication Deduplication
Consumer
MongoDB MongoDB
Source
GitHub GitHub
Producer
GoSec GoSec
Producer
AWS S3 AWS S3
Enricher
Standards Standards
Producer
Python bandit Python bandit
Source
Dependency Dependency
Producer
Yarn audit Yarn audit
Producer
Checkmarx Checkmarx
Producer
Dependency Track Dependency Track
Enricher
Policy Policy
Consumer
GitHub GitHub
Enricher
Training Training

Built by security experts,
for security experts.

The smithy platform is intuitive, powerful, and developer friendly. It was built to save time & make securing data incredibly easy.

Read the Docs
Workflows listing screenshot
Workflows listing screenshot

Sign up to our newsletter

We send infrequent emails to announce
features, specific use cases and white papers with new research.