Threat Modeling

Jit

Security as Code, Simplified.

A platform that helps developers easily implement and manage security controls across their CI/CD pipeline.

View tool details →

Legit Security

Secure Your Software Supply Chain.

A platform for securing the software supply chain from code to cloud and managing SDLC security posture.

View tool details →

TruffleHog

Find leaked secrets, wherever they are.

An open-source and enterprise tool for finding exposed secrets in code repositories, filesystems, and more.

View tool details →

ThreatModeler

The Intelligent Threat Modeling Platform.

An automated threat modeling solution that provides a unified view of threats across applications, cloud, and infrastructure.

View tool details →

Cycode

The Application Security Posture Management (ASPM) Platform.

A platform that provides visibility, risk-driven prioritization, and remediation across the entire SDLC.

View tool details →

Tromzo

The New Way to Do Product Security.

An Application Security Posture Management (ASPM) platform that prioritizes vulnerabilities based on code and runtime context.

View tool details →

GitGuardian

The Code Security Platform for the Enterprise.

A leading platform for secrets detection and remediation within the software development lifecycle.

View tool details →

Semgrep

Static analysis at ludicrous speed.

An open-source, fast, and customizable static analysis tool for finding bugs and enforcing code standards.

View tool details →

Apiiro

The Proactive Application Risk Management Platform.

A code risk platform that connects application risks from design to code to cloud.

View tool details →

SpectralOps

Developer-first code security.

A security scanner that finds and fixes hardcoded secrets, security misconfigurations, and risky code.

View tool details →

StackHawk

DAST and API Security Testing for Developers.

A dynamic application and API security testing tool built for automation in CI/CD.

View tool details →

IriusRisk

The AI Threat Modeling Tool for Secure Software Development.

An automated threat modeling platform that helps developers and security teams build secure software from the start.

View tool details →

Snyk

AI-powered Developer Security Platform.

A platform that finds and fixes vulnerabilities in code, open source dependencies, containers, and IaC.

View tool details →

Veracode

The Application Security Company.

A comprehensive application security platform offering SAST, DAST, SCA, and developer training.

View tool details →

SD Elements

Build Secure, Compliant Software from the Start.

A Security by Design platform that automates threat modeling and secure development requirements.

View tool details →

Checkmarx

Make security intrinsic to your software.

An enterprise platform for application security testing, covering SAST, SCA, IAST, and IaC security.

View tool details →

OWASP Threat Dragon

An open-source threat modeling tool from OWASP.

A free, open-source, cross-platform threat modeling application for creating diagrams and identifying threats.

View tool details →

Microsoft Threat Modeling Tool

A core element of the Microsoft Security Development Lifecycle (SDL).

A free tool from Microsoft that helps identify and mitigate potential security issues early in the development lifecycle.

View tool details →

Threagile

Agile Threat Modeling as Code.

An open-source, IDE-based toolkit for agile threat modeling using a declarative YAML format.

View tool details →

CAIRIS

Computer Aided Integration of Requirements and Information Security.

An open-source platform for specifying and modeling secure and usable systems.

View tool details →

securiCAD

Proactive Cybersecurity Management.

An automated threat modeling and attack simulation tool for enterprise IT environments.

View tool details →

PyTM

A Pythonic framework for threat modeling.

An open-source Python framework for defining threat models as code.

View tool details →

Tutamen

Automated Threat Modeling.

A tool designed to automate and simplify the threat modeling process for developers.

View tool details →