Jira
Issue tracking and project management integration.
Qualys
Comprehensive vulnerability management and assessment.
CSV Import
Import vulnerabilities from CSV files.
AIM
Asset and inventory management integration.
Manual Import
Upload vulnerability data manually.
Nuclei
Fast template-based scanner for APIs, applications, and infrastructure.
Trivy
Scanner for containers, IaC, dependencies, secrets, and cloud configs.
Semgrep
Lightweight static analysis tool for code security.
Bandit
Python-focused static analysis for security flaws.
CodeQL
Semantic static analysis for deep vulnerability detection.
SonarQube
Code quality and security analyzer.
OWASP ZAP
Dynamic application security testing.
Clair
Container vulnerability analysis tool.
Grype
Container vulnerability scanner.
Syft
SBOM generation for containers and filesystems.
TruffleHog
Secret scanning tool for repositories.
Gitleaks
Git repository secret detection.
GitGuardian
Secret detection in repos and CI/CD pipelines.
Checkov
Policy-as-code scanning for IaC.
TFSec
Terraform security scanning.
KICS
IaC security scanning tool.
ScoutSuite
Multi-cloud security auditing.
CloudSploit
Cloud configuration posture scanning.
Prowler
AWS security assessment tool.
Kubescape
Kubernetes security scanning and compliance.
Kube-bench
Kubernetes CIS benchmark evaluation.
Kube-hunter
Kubernetes penetration testing.
OWASP Dependency-Check
Vulnerability detection in third-party libraries.
Safety
Python dependency vulnerability checker.
npm audit
Node.js dependency vulnerability scanner.