Need a new integration?
We’ve got the expertise to ensure you have the optimal
tools at your disposal to maximise your security workflow.
Integrate with the tools your customers need
Our cutting-edge workflow platform seamlessly integrates with our existing tools. Need an integration you don't see? Let us know and we'll build it.
Sources
Components that fetch the resources you need to scan.
wget
Download a file from a URL using wget.
GitHub
Clone a Git repository from a remote origin.
Dependency
Accepts a pURL argument belonging to one of the supported types and generates a dependency file relevant to the type.
Producers
Components that scan your resources and produce security alerts.
Dependency Check
Generate a Dependency-Check report from source code.
Checkov
Policy as code.
ThreadSoft
Our powerful portal empowers you to identify and prioritize vulnerabilities, providing you with the tools you need to take proactive measures against potential cyber threats.
OSSF Scorecard
Generates scorecards for open source projects to show how they adhere with best practices.
CDX Gen
Generate a CycloneDX SBOM from source code.
Mobile Security Framework
Research platform for mobile applications in Android, iOS and Windows Mobile.
Trufflehog
Secret scanner for repositories.
Snyk Docker
Run Snyk For Docker.
Snyk Python
Run Snyk For Python.
Dependency Track
Generate a Dependency-Track report from source code.
Python Bandit
SAST scanner that analyses Python source code to look for security issues.
Python PIP Safety
Dependency scanner for Python projects.
Java SpotSecBugs
SpotBugs is the spiritual successor of FindBugs, carrying on from the point where it left off with support of its community.
Java FindSecBugs
Generate a FindSecBugs report from source code.
KICS
Generate a KICS report from source code.
Golang Gosec
Analyse Go source code to look for security issues.
Github Code Scanning
Retrieve a GitHub Code Scanning report from a GitHub repository.
Aquasec Terraform TFsec
Generate a Terraform-Tfsec report from source code.
Test SSL
Generate a Testssl.sh report from a target URL.
TypeScript Eslint
Static analysis for JavaScript and TypeScript projects.
ZAProxy
DAST scanner that analyses web applications for security issues.
Aquasec Docker-Trivy
Generate a Trivy report from a Docker image.
BlackDuck
Produces findings using Blackduck.
CheckMarx
Produces findings using Checkmarx.
Golang Nancy
Dependency scanner for Golang projects.
Semgrep
Analyse source code using Semgrep to look for security issues.
TypeScript Yarn Audit
Dependency scanner for Node.js projects.
Enrichers
Components that enrich your security alerts with more details and turn them into actionable events.
Codeowners
Identifies a code owner for each finding.
DepsDev
Adds context from deps.dev for each third-party dependency.
Training
Adds relevant training resources to findings.
Reachability
Performs a reachability check on a supplied repository using AppThreat/atom.
Deduplication
Compares multiple inputs and removes duplicates.
Knowledgebase
Adds knowledge base information (e.g. OWASP Cheat Sheets) to findings.
Policy
Enforces security policies defined in OPA for each finding.
LLM
Adds information to findings using a language model.
Multitool Deduplication
Deduplicates findings from multiple tools.
Standards
Adds security standard information to findings using OpenCRE.
Consumers
Components that consume and display your security alerts.
Pushes findings to an S3 bucket as PDFs.
DefectDojo
Pushes findings to a DefectDojo vulnerability management instance.
Dependency Track
Pushes findings to a Dependency-Track instance.
GitHub
Uploads scan results to GitHub Advanced Security.
stdout JSON
Prints findings to stdout in JSON format.
Slack
Pushes findings to a Slack channel.
Jira
Pushes findings to a Jira instance.
AWS S3
Pushes findings to an S3 bucket.
BigQuery
Pushes findings to a BigQuery database.
ArangoDB
Pushes findings to an ArangoDB database.
MongoDB
Pushes findings to a MongoDB database.
ElasticSearch
Pushes findings to an Elasticsearch database.
Filebeat
Log aggregator for Kibana
Lets talk!
Interested in maximising security with zero code?
Sign up and we'll get back to you.