AI Cybersecurity Tools Directory (500+)

1Password — Premium password manager with Watchtower breach monitoring and business team management.
42Crunch — API security platform with OpenAPI-driven audit scan and runtime protection.
Abnormal ICES Platform — Integrated cloud email security replacing legacy SEGs with behavioral AI threat detection.
Abuse.ch Threat Feeds — Community-driven threat intelligence providing free feeds for malware, botnets and ransomware tracking.
AccuKnox AI CoPilot — GenAI security copilot for Kubernetes and cloud with runtime protection.
Acunetix — Automated web application and API vulnerability scanner with advanced crawling technology.
Aembit Workload IAM — Workload identity and access management platform securing service-to-service connections
Agari Phishing Defense — AI-powered email identity protection using behavioral analytics to stop phishing and BEC.
AI Exploits — Curated exploits and payloads for red teams testing AI systems and ML pipelines.
Aikido Security Platform — All-in-one DevSecOps with AI code review, AutoTriage, AutoFix and AI pentesting.
Aim Security — Enterprise AI security platform providing visibility and governance for generative AI adoption.
Akamai App and API Protector — Enterprise WAF with adaptive AI threat detection API protection and bot management.
AlienVault OTX — Open threat exchange community sharing real-time threat indicators and collaborative threat research.
Allama — Open-source AI security automation tool for automated security workflows.
Amass — OWASP attack surface mapping with advanced DNS enumeration.
Anecdotes Compliance OS — AI-powered compliance operating system automating evidence collection across enterprise security frameworks
Anvilogic SIEM — AI-driven threat detection engineering platform working across any SIEM or data lake.
ANY.RUN — Interactive malware sandbox with real-time analysis and threat intelligence feeds.
Apiiro Platform — AI-powered application risk management with code behavior analysis and risk graph visualization.
Apiiro Risk Graph — Code risk platform mapping application architecture to prioritize security issues by business impact
Appgate SDP — Zero-trust network access with software-defined perimeter and context-based micro-segmentation.
Aqua Security Platform — Cloud-native security platform protecting containers, serverless and VMs from build to runtime.
Arctic Wolf MDR — AI-powered managed detection and response with 24x7 SOC monitoring and concierge security team.
Area 1 Security — Preemptive email security acquired by Cloudflare using AI to stop phishing before delivery.
Arjun Parameter Finder — HTTP parameter discovery suite finding valid query and body parameters for web endpoints.
Arkime Full Packet — Open-source full packet capture and search system for large-scale network forensics.
Armis — Agentless asset intelligence platform for OT IoT and medical device security.
Arnica Supply Chain — Behavior-based software supply chain security platform with automated developer risk scoring
ART (Adversarial Robustness Toolbox) — IBM open-source library for ML model robustness testing against all attack types.
Asimily IoT Platform — AI-powered IoT risk management for healthcare and enterprise with vulnerability prioritization.
Astra Security Suite — Comprehensive pentest platform with automated DAST scanning, manual testing and compliance reports.
Astrix Security — Non-human identity security platform managing API keys service accounts and OAuth tokens at scale
Atomic Red Team — Open-source library of tests mapped to MITRE ATT&CK for validating security controls.
AttackIQ — Breach and attack simulation platform validating security controls against MITRE ATT&CK.
Auth0 by Okta — Developer-focused identity platform with AI-powered bot detection and adaptive MFA.
Autopsy — Open-source digital forensics platform for hard drive and smartphone analysis.
Avalor Data Fabric — Security data fabric platform unifying and normalizing data from hundreds of security tools
Avanan Cloud Email — API-based email security by Check Point catching phishing missed by Microsoft 365 and Google.
AWS WAF — Cloud-native WAF for AWS with managed rules bot control and fraud prevention.
Axiad Platform — Passwordless orchestration platform with phishing-resistant MFA and certificate management.
Backslash Security — Application security posture management using reachability analysis for cloud-native code
Barracuda Sentinel — AI-powered protection against spear phishing business email compromise and account takeover.
BeyondTrust PAM — Privileged access management with AI analytics and least privilege enforcement.
BigID — AI-powered data intelligence platform for privacy security and governance at enterprise scale.
Binarly FW Security — AI-powered firmware and binary analysis platform detecting known and unknown vulnerabilities in device software
Binary Ninja — Interactive binary analysis platform with IL-based decompilation and plugin ecosystem for reverse engineering.
BioCatch Platform — Behavioral biometrics platform using AI to detect fraud based on user interaction patterns.
Bitdefender GravityZone — AI-powered unified endpoint security with risk analytics, EDR and hardening in one platform.
BitSight Platform — Cyber risk ratings and analytics platform for third-party risk management and benchmarking.
Bitwarden — Open-source password manager with free tier self-hosting option and strong encryption.
Black Duck Platform — Enterprise SCA with binary scanning SBOM generation license compliance and supply chain security.
BloodHound AD — Active Directory attack path mapping tool revealing hidden relationships and privilege escalation paths.
Blumira SIEM — Automated SIEM and XDR for SMBs with guided response playbooks and instant threat detection.
BreachLock Platform — AI-powered penetration testing as a service with full-stack security assessments and compliance.
Bridgecrew by Prisma — Developer-first IaC security with automated scanning for Terraform, CloudFormation and Kubernetes.
Brute Ratel C4 — Advanced red team simulation tool with EDR evasion and customizable adversary attack frameworks.
Bugcrowd Platform — Crowdsourced security platform with bug bounty programs and penetration testing services.
BugTrace-AI — AI-driven reconnaissance assistant flagging SQLi, XSS, JWT misconfigs with multi-persona self-checking and low false positive rate.
BuiltWith Profiler — Web technology profiler revealing tech stacks, analytics, frameworks and hosting of any website.
Burp Suite — Industry-standard web application security testing toolkit with AI-enhanced scanning and extensions.
CAI — Modular AI agent framework for red and blue team operations. First place AI teams in HackTheBox AI vs Human CTF. Integrates Nmap and Burp.
Caido — Modern lightweight web security testing toolkit built in Rust as a faster Burp Suite alternative.
CAINE Forensics — Linux-based digital forensics environment with integrated tools for complete forensic investigation.
Caldera — MITRE open-source adversary emulation platform for automated red and blue team exercises.
CalypsoAI Platform — AI security platform with model validation, inference protection and policy enforcement for LLMs.
CAPE Sandbox — Open-source malware sandbox forked from Cuckoo with enhanced config extraction and payload dumping.
Carbon Black — Cloud-native endpoint protection with behavioral EDR and VMware integration.
Cato Networks SASE — Single-vendor SASE platform converging networking and security with AI threat prevention.
Cellebrite UFED — Mobile device forensics platform for lawful data extraction and digital intelligence analysis.
Censys ASM — Attack surface management platform with continuous internet-wide scanning and asset discovery.
Censys Search — Internet-wide scanning and search engine for discovering and monitoring exposed assets and services.
Centraleyes — AI-driven cyber risk and compliance management platform with automated assessments.
Cequence Security — API security and bot management platform protecting against automated attacks and fraud.
Chainguard Images — Hardened minimal container images with zero known CVEs for secure software supply chains
Chaos by ProjectDiscovery — Free DNS data API providing internet-wide asset discovery for bug bounty and security research.
Check Point CloudGuard — Unified cloud-native security with CNAPP CSPM workload protection and AI threat prevention.
Check Point Harmony Email — AI phishing and BEC detection across email, Teams, Slack, SharePoint.
Checkmarx One Platform — Unified AppSec with AI-powered SAST, SCA, DAST, API security and supply chain protection.
Checkov IaC Scanner — Open-source static analysis for IaC scanning Terraform, CloudFormation, Kubernetes and ARM templates.
Cider Security — Application security posture management platform mapping and securing engineering environments and CI/CD pipelines
CIPHER — LLM-powered pentesting assistant trained on expert writeups for guided methodology.
Cisco AI Defense Platform — Enterprise AI security for asset discovery model validation runtime protection and shadow AI.
Cisco Secure Network Analytics — AI-powered network visibility and threat detection using NetFlow and behavioral modeling.
Claroty — AI-powered OT/IoT security platform protecting industrial and healthcare connected assets.
Cloudflare WAF — Global CDN with AI-powered WAF DDoS protection and bot management at scale.
Cloudflare Zero Trust — Comprehensive zero-trust platform with ZTNA, SWG, CASB, email security and browser isolation.
CloudSEK — AI-powered digital risk monitoring tracking brand impersonation, data leaks, and attack surface exposure across surface, deep, and dark web.
CloudSploit Scanner — Open-source cloud security configuration scanner for AWS, Azure, GCP and Oracle Cloud.
Cobalt Pentest — Pentest as a service combining human expertise with AI-powered vulnerability triage.
Cobalt Strike — Advanced adversary simulation and red team operations toolkit for post-exploitation, lateral movement, and C2 operations.
Code42 Incydr — Insider risk management detecting and responding to data exfiltration by employees and contractors.
CodeRabbit Platform — AI code review assistant analyzing pull requests with contextual security feedback.
Cofense PhishMe — Phishing simulation and security awareness training with AI-powered threat detection.
Concentric AI Semantic — Autonomous data security using deep learning to classify and protect sensitive data without rules.
ConductorOne — AI-powered access management with automated reviews and just-in-time provisioning.
Contrast Security — Runtime application security with IAST, RASP and SCA using AI for accurate vulnerability detection.
Conveyor Trust Portal — AI-powered customer trust portal automating security questionnaires and compliance document sharing
Corelight — Enterprise network detection and response built on open-source Zeek with AI analytics.
Covenant C2 — Open-source command and control framework for red team operations with collaborative features.
CrowdStrike Falcon + Charlotte AI — XDR platform with generative AI analyst enabling natural language queries across trillions of security events for faster investigations.
CrowdStrike Falcon Cloud — Cloud workload protection with AI threat detection runtime security and container scanning.
CrowdStrike Falcon Prevent — Next-gen AV with AI behavioral analysis. Top-rated in MITRE ATT&CK evaluations.
CrowdStrike Falcon X — AI-driven threat analysis integrated into Falcon platform with automated IOC scoring and adversary attribution.
Cuckoo Sandbox — Open-source automated malware analysis system executing suspicious files in isolated environments.
CyberArk Conjur — Open-source secrets management for DevOps with role-based access and seamless CI/CD integration.
CyberArk PAM — Privileged access management leader with AI-driven risk scoring and secrets management.
CyberChef — GCHQ open-source web app for data encoding decoding encryption and analysis operations.
Cybereason Defense Platform — AI-driven EDR and XDR with MalOp detection engine correlating attacks across endpoints.
Cyberhaven — AI-powered behavioral DLP tracking data lineage and preventing exfiltration in real time.
CyberX — Agentless IoT and OT security with automated asset discovery and vulnerability management.
Cyble Vision Platform — AI-powered threat intelligence with dark web monitoring, brand protection and attack surface discovery.
Cycode — AI-native converged AST + ASPM + SSCS platform. AI Exploitability Agent reduces false positives by 94%. Context Intelligence Graph maps code-to-cloud risk.
CyCognito — AI-powered external attack surface management with automated testing and risk prioritization.
Cyera — AI-powered DSPM with automatic data discovery and classification.
Cyera AI Data Security — AI-powered data security posture management platform discovering and classifying sensitive data across cloud environments
Cyera AI Guardian — AI-SPM plus AI Runtime Protection with granular AI asset inventory and data security.
Cymulate — Continuous security validation platform with BAS exposure management and automated red teaming.
Cynerio Platform — Healthcare IoT security with AI-driven device classification and attack detection.
Dalfox — Fast parameter analysis and XSS scanner with automatic payload generation and verification.
Darktrace DETECT Fraud — Self-learning AI for real-time anomaly detection across enterprise networks email cloud and OT.
Darktrace EMAIL — Self-learning AI email protection without rules or signatures.
Dashlane — Password manager with built-in VPN dark web monitoring and automated password changer.
Dazz Remediation Cloud — AI-powered security remediation platform that deduplicates and prioritizes vulnerability fixes across pipelines
DeepKeep AI Security — AI-native security platform providing automated red-teaming and runtime protection for LLM applications
Dehashed Search — Breach data search engine for security researchers to check exposed credentials and personal data.
Delinea — PAM solutions with AI-powered privilege management and DevOps secrets vault.
Dependabot Security — GitHub-native automated dependency updates and security vulnerability patching for repositories.
Descope IAM — Drag-and-drop customer identity platform with passwordless auth and fraud prevention flows.
Detectify — External attack surface monitoring with crowdsourced vulnerability research and automated scanning.
Detectree AI Phishing — AI-powered phishing URL detection engine using decision tree models and real-time threat feeds.
Devo Security Platform — Cloud-native SIEM with real-time analytics, 400-day hot data retention and AI-powered investigation.
Digital Guardian — Data-centric security platform with DLP endpoint detection and managed security services.
Dirsearch — Web path discovery tool for brute forcing directories and files on web servers.
DNSDumpster — Free domain research tool for discovering hosts related to a domain and DNS records.
Doppler SecretOps — Universal secrets management platform syncing environment variables across apps and infrastructure.
Dragos — Industrial cybersecurity platform for OT threat detection with ICS-specific threat intelligence.
Drata — Compliance automation platform for SOC 2 ISO 27001 with continuous control monitoring.
DTEX InTERCEPT — AI-powered insider threat management with behavioral intelligence and workforce cyber protection.
Duality Technologies — Privacy-enhancing computation platform using homomorphic encryption for secure data collaboration.
Egress Email Security — AI-powered adaptive email security preventing inbound phishing and outbound data breaches.
Emailage by LexisNexis — Email risk scoring and digital identity intelligence for fraud prevention.
Endor Labs Platform — Function-level reachability SCA with 92% noise reduction and built-in compliance automation.
Endor Labs SCA — Next-generation software composition analysis with reachability analysis to eliminate false positives
Ermetic — Cloud infrastructure entitlement management with AI-powered permission analysis and remediation.
ESET Protect Platform — Multi-layered endpoint protection with AI-powered detection, cloud sandboxing and XDR.
Exabeam — Behavioral analytics SIEM with AI-driven user and entity behavior analytics detecting insider threats and compromised accounts.
ExpressVPN — Premium VPN with Lightway protocol TrustedServer technology and strong privacy features.
ExtraHop RevealX — Cloud-native NDR with AI-powered network traffic analysis and real-time threat detection.
F5 Distributed Cloud WAF — Enterprise WAF with AI-driven threat intelligence multi-cloud protection and API security.
Falco Runtime — Open-source cloud-native runtime security with real-time threat detection for containers and Kubernetes.
Featurespace — AI-powered real-time fraud and financial crime prevention using adaptive behavioral analytics.
Ffuf — Fast web fuzzer written in Go for directory discovery content discovery and parameter fuzzing.
Fidelis Network — Network detection and response with deep session inspection and automated threat hunting.
Filigran OpenBAS — Open-source breach and attack simulation platform by the OpenCTI team for security validation.
Filigran OpenCTI Cloud — Managed threat intelligence platform built on OpenCTI providing structured knowledge management for security teams
Flashpoint Intelligence — Threat intelligence covering deep and dark web, vulnerabilities, and geopolitical risk.
FOCA Tool — Open-source metadata extraction tool for finding hidden information in documents and files.
Forcepoint DLP — Enterprise DLP with risk-adaptive protection across web cloud and endpoint channels.
Forescout — Network access control and IoT security platform with automated device discovery and compliance.
Forter Platform — AI-powered ecommerce fraud prevention with real-time identity-based decisioning.
Fortify SAST — Enterprise static application security testing with AI-assisted audit and 1000+ vulnerability categories.
Fortinet FortiAI — AI across FortiOS for automated threat hunting, malware analysis, and SOC orchestration.
Fortinet FortiEDR — Real-time AI endpoint protection with pre and post-infection response.
Fortinet FortiGate — AI-powered next-gen firewall with integrated IPS, SD-WAN and zero-trust network access.
Fossa Platform — Open-source license compliance and vulnerability management for modern development teams.
Frida — Dynamic instrumentation toolkit for developers and security researchers for runtime analysis.
FTK Imager — Data preview and imaging tool for creating forensic images and recovering deleted files.
Garak LLM Scanner — Open-source LLM vulnerability scanner testing for prompt injection jailbreaks and safety failures.
Ghauri SQLi Tool — Advanced SQL injection detection and exploitation tool with WAF bypass and multiple injection techniques.
Ghidra — NSA open-source software reverse engineering framework with decompiler and analysis tools.
GitGuardian DevSecOps — Secrets detection platform with 350+ detectors scanning code repos CI/CD and Docker images.
GitHub Advanced Security — CodeQL SAST, Copilot Autofix, secret scanning with push protection, Dependabot SCA.
Gitleaks Scanner — Open-source SAST tool detecting hardcoded secrets in git repositories with CI/CD integration.
Google Chronicle SIEM — Cloud-native SIEM built on Google infrastructure with petabyte-scale analysis and AI threat detection.
Google Cloud Security with Mandiant — Mandiant threat intel plus Gemini AI for code review, malware analysis, and SOC ops.
Grafana Security — Open-source observability platform with security dashboards, alerting and log analysis capabilities.
Graphus AI Email — AI-powered automated email security with TrustGraph technology analyzing communication patterns.
Greenbone OpenVAS — Open-source vulnerability assessment system with comprehensive network scanning capabilities.
GreyNoise Intelligence — Internet background noise analysis helping analysts reduce alert fatigue from mass scanners.
Grip Security SSPM — SaaS security control plane discovering shadow SaaS and automating identity governance.
Group-IB Threat Intel — Threat intelligence with dark web monitoring, attack attribution and AI-powered fraud detection.
Grype — Open-source vulnerability scanner for container images and filesystems by Anchore.
Gurucul UEBA — AI-powered security analytics with UEBA, identity analytics and network traffic analysis.
Gutsy GRC Platform — AI-powered security process mining platform mapping actual security operations to compliance.
Gutsy Process Mining — Security process mining platform providing visibility into how security operations actually execute versus policy
Hack The Box Training — Hands-on cybersecurity training with realistic labs, CTF challenges and enterprise team training.
HackerOne Platform — Leading bug bounty and vulnerability disclosure platform connecting hackers with organizations.
Hadrian Security — AI-powered offensive security automating reconnaissance, vulnerability discovery and attack simulation.
Harmonic Security — Data protection platform for generative AI preventing sensitive information leakage to LLMs
Hashcat — Advanced GPU-accelerated password recovery and hash cracking tool.
HashiCorp Vault — Secrets management and data protection with dynamic credentials and encryption as a service.
Have I Been Pwned — Free service checking if email addresses or passwords have been exposed in data breaches.
Havoc C2 Framework — Modern command and control framework with evasion capabilities and team collaboration features.
HiddenLayer Platform — AI threat detection platform protecting ML models from adversarial attacks and model theft.
Horizon3 NodeZero — Autonomous penetration testing as a service with AI-driven attack path discovery.
Hoxhunt Platform — AI-powered human risk management with personalized phishing training and behavior change analytics.
Httpx Scanner — Fast multi-purpose HTTP toolkit for probing, technology detection and response analysis.
Hunters SOC Platform — AI-powered SOC platform automating threat detection and investigation across all data sources.
Hybrid Analysis — Free malware analysis service powered by CrowdStrike Falcon Sandbox with community threat feeds.
IBM QRadar Suite — AI-powered SIEM with integrated EDR, XDR, and SOAR. Watson-enhanced threat detection and automated response workflows.
IBM watsonx.governance — AI model lifecycle governance with bias and drift detection for ISO 42001 and EU AI Act.
Illumio Zero Trust — Zero-trust segmentation preventing lateral movement with AI-powered visibility and micro-segmentation.
Immersive Labs — Enterprise cybersecurity workforce development with AI-powered skills benchmarking and crisis simulations.
Impacket Toolkit — Python collection for working with network protocols targeting Windows credential extraction and lateral movement.
Imperva WAF — Cloud WAF with AI-powered threat detection runtime application self-protection and DDoS mitigation.
INE Training — Cybersecurity certification training offering eJPT, eCPPT, eWPT and other professional certifications.
Infisical Platform — Open-source secrets management with end-to-end encryption, versioning and automatic rotation.
Intel 471 — Adversary and malware intelligence focused on underground cybercrime ecosystem monitoring.
Interactsh Server — Open-source out-of-band interaction server for detecting blind vulnerabilities like SSRF and RCE.
Interpres Security — Threat exposure analytics platform mapping defensive coverage gaps against active threat actor TTPs
Intezer Analyze — AI-powered malware analysis using genetic code analysis to detect code reuse and classify threats.
Intigriti Platform — European bug bounty and security research platform with ethical hacker community.
Intruder — Automated vulnerability scanner with continuous monitoring and cloud-native asset discovery.
Invicti DAST — AI-powered DAST with proof-based scanning automatically verifying vulnerabilities to eliminate false positives.
IronNet Collective Defense — AI-driven NDR with collective defense sharing threat detections across organizations.
IRONSCALES — Self-learning email security with AI phishing detection and automated remediation.
Island Enterprise Browser — Enterprise browser with built-in security controls data protection and zero trust access.
Jaeles Scanner — Powerful collaborative web security scanner with customizable signature-based detection.
Jit Security Orchestration — Unified AppSec platform orchestrating open-source security tools in a single developer-friendly interface
Joe Sandbox — Deep malware analysis with automated behavioral analysis across Windows Linux macOS and Android.
John the Ripper — Open-source password cracker supporting hundreds of hash types and formats.
JumpCloud Platform — Open directory platform with unified IAM, device management and zero-trust security.
Kali Linux — Industry-standard penetration testing Linux distribution with 600+ pre-installed security tools.
Kaspersky Endpoint Security — Multi-layered endpoint protection with ML-based detection, EDR and automated response.
Katana Crawler — Next-gen web crawling framework by ProjectDiscovery with headless browser and passive mode.
Keeper Secrets Manager — Zero-knowledge secrets management for DevOps with rotation, auditing and CI/CD integration.
Keeper Security — Password manager with privileged access management zero-knowledge encryption and dark web monitoring.
Knostic — Knowledge-layer security for AI assistants like Copilot and Glean. Need-to-know enforcement.
KnowBe4 Platform — Security awareness training with AI-powered phishing simulation and human risk management.
Kodem Security — Runtime intelligence platform identifying exploitable vulnerabilities in application code.
Kount by Equifax — AI-driven digital fraud prevention with identity trust and payment fraud detection.
KubeHunter — Open-source penetration testing tool for Kubernetes clusters finding security weaknesses.
Kubescape — Open-source Kubernetes security platform with risk analysis compliance and misconfiguration scanning.
Lacework Platform — AI-powered behavioral anomaly detection across cloud workloads accounts and containers.
Lakera Guard — Real-time AI security API protecting LLMs from prompt injection and data leakage.
Lasso Security — LLM security platform protecting against prompt injection data leakage and model manipulation.
LastPass — Popular password manager with autofill password sharing and security dashboard.
LayerX — Enterprise browser security platform protecting against web threats data leaks and shadow SaaS.
Legit Security — Application security posture management protecting software supply chains and CI/CD pipelines.
LetsDefend — Blue team training platform with SOC analyst simulations alert triage and incident response labs.
Lineaje SBOM360 — Software supply chain security platform providing deep SBOM intelligence and risk scoring
LogRhythm — AI-enabled SIEM with built-in SOAR and SmartResponse automation for rapid threat containment and compliance-focused reporting.
Lookout — Cloud security platform with mobile threat defense data protection and CASB capabilities.
Magnet AXIOM — Enterprise digital forensics and incident response platform for computer mobile and cloud evidence.
Maltego — Visual link analysis and data mining tool for OSINT investigations.
Malwarebytes ThreatDown — AI-powered endpoint security with automated remediation designed for lean security teams.
Mandiant Threat Intelligence — Google-backed threat intelligence with frontline expertise from incident response engagements.
Matano SIEM — Open-source cloud-native SIEM built on AWS with serverless log analysis and threat detection.
Material Security — Email security protecting sensitive data in mailboxes with redaction, access controls and DLP.
Medigate by Claroty — Healthcare IoT security platform with clinical device visibility and threat detection.
Mend.io Platform — Automated open-source security and license compliance with AI-powered remediation.
Metasploit — Industry-standard exploitation framework with massive exploit database. Community free and Pro commercial editions available.
MetricStream — AI-first enterprise GRC platform with advanced risk intelligence and continuous controls monitoring.
Microsoft Defender for Endpoint — AI endpoint protection integrated with M365. Automated investigation and remediation.
Microsoft Entra ID — Cloud IAM with AI conditional access, risk-based auth, and identity governance.
Microsoft Entra ID IAM — Cloud IAM with AI conditional access risk-based authentication and identity governance.
Microsoft Purview — Unified data governance and DLP across Microsoft 365 Azure and multi-cloud environments.
Microsoft Sentinel + Security Copilot — Cloud-native SIEM with generative AI assistant for natural language threat hunting, automated incident summaries, and multilingual support.
Miggo Security ADR — Application detection and response platform identifying distributed application vulnerabilities at runtime
Mimecast Email Security — Cloud-based email security with AI threat detection, continuity and archiving.
Mindgard AI Security — AI security testing platform with automated red teaming for machine learning models and LLMs.
MISP Platform — Open-source threat intelligence sharing platform for collaborative analysis and IOC exchange.
MITRE ATT&CK Navigator — Interactive tool for mapping and visualizing adversary techniques from the MITRE ATT&CK framework.
Mobb AI Autofix — AI-powered automated vulnerability remediation generating verified code fixes from SAST findings
MobSF — Open-source automated mobile application security testing framework for Android and iOS.
Mullvad VPN — Privacy-focused VPN with no account needed anonymous payment and fixed pricing.
Mythic C2 Platform — Collaborative multi-platform red teaming framework with modular agents and customizable payloads.
Naabu Port Scanner — Fast SYN/CONNECT port scanner by ProjectDiscovery optimized for large-scale reconnaissance.
Nagomi Proactive Defense — AI-powered proactive defense platform optimizing existing security tool effectiveness.
Nessus Professional — Industry-standard vulnerability scanner with over 80000 plugins and compliance auditing.
NetRise XIoT Security — Firmware and XIoT security platform analyzing embedded device software for vulnerabilities at scale
Netskope — SASE platform with AI-powered data protection inline CASB and zero trust network access.
NetworkMiner — Open-source network forensics tool for OS fingerprinting, file extraction and packet analysis.
Nightfall AI — AI-native cloud DLP protecting sensitive data across SaaS apps and GenAI.
Nightfall AI for LLMs — AI-native DLP for ChatGPT, Copilot and LLM apps preventing sensitive data leakage in prompts.
Nikto Scanner — Open-source web server scanner testing for dangerous files, outdated software and misconfigurations.
Nmap — Industry-standard network scanner for port scanning, service and OS detection.
Noma Security — AI and agentic risk platform with continuous asset discovery and AI-SPM. Raised $100M.
Noname Security — API security platform providing discovery posture management runtime protection and testing.
NordVPN — Leading VPN with NordLynx protocol Threat Protection and double VPN for maximum security.
Normalyze DSPM — AI-powered data security posture management with agentless scanning and data flow mapping.
NowSecure — AI-powered mobile application security testing for iOS and Android with automated analysis.
Nozomi Networks — AI-powered OT and IoT network visibility and threat detection for critical infrastructure.
Nuclei Scanner — Fast open-source vulnerability scanner with template-based detection and community contributions.
Nudge Security SaaS — AI-powered SaaS security platform discovering and governing all cloud and GenAI app usage.
Offensive Security — Creator of OSCP the gold-standard penetration testing certification with hands-on labs.
Okta IAM — AI-enhanced identity and access management with adaptive MFA and universal directory.
Oligo Security — Runtime application security observability detecting library-level vulnerabilities in production
OneSpan Identity — Digital identity verification and authentication with AI-powered fraud analytics.
OneTrust — Privacy management and GRC platform with AI-powered data discovery and compliance automation.
Opal Security — AI-powered access management with just-in-time provisioning and automated access reviews.
OpenCTI Platform — Open-source cyber threat intelligence platform for structuring, storing and visualizing threat data.
OpenText AI Data Platform — Unified data governance for AI with security-baked PII screening for AI apps.
OpenVAS — Open-source vulnerability scanner with comprehensive network vulnerability tests and compliance checks.
Opus Security Remediation — AI-powered cloud security remediation orchestration platform prioritizing and automating fixes.
Orca AI SPM — AI security posture management detecting shadow AI models misconfigurations and sensitive data exposure
Orca Security Platform — Agentless CNAPP with AI-powered risk prioritization and full cloud estate visibility.
Ordr Platform — AI-powered connected device security with automated discovery, classification and segmentation.
Osmedeus Framework — Automated offensive security framework with distributed scanning and workflow engine for recon.
OTORIO RAM2 — OT-native risk assessment and management platform for industrial environments.
OWASP LLM Top 10 — Framework for securing LLM apps covering prompt injection, data poisoning, and more.
OWASP ZAP — Free open-source web application security scanner with active scanning and fuzzing.
Ox Security Platform — Active ASPM platform securing the software supply chain with pipeline bill of materials.
Oxygen Forensic Detective — All-in-one forensic tool extracting and analyzing data from mobile devices, drones and cloud services.
Oxygen Security ASPM — Application security posture management platform correlating code to cloud for risk prioritization
Palo Alto Cortex XDR — XDR across endpoint, network, cloud with AI behavioral analytics.
Palo Alto Cortex XSIAM — AI-driven SOC platform replacing traditional SIEM. Automates correlation, triage, and response with Unit 42 threat intel integrated.
Palo Alto Prisma Access — Cloud-delivered SASE with AI-powered security autonomous digital experience management.
Palo Alto XSOAR — Enterprise SOAR platform with AI-enhanced playbooks and 700+ integrations for SOC automation.
Pangea Security APIs — Security infrastructure APIs providing authentication encryption and threat intel as embeddable services for developers
ParamSpider — Parameter discovery tool mining URLs from web archives for finding hidden attack surfaces.
Parrot OS — Security-focused Linux distribution with pentesting tools privacy features and lightweight design.
Pentera Platform — Automated security validation platform running real attacks to test defenses continuously.
Pentest-Tools Platform — Cloud-based penetration testing toolkit with automated recon, scanning and exploitation modules.
PentesterLab — Hands-on web penetration testing exercises with progressive difficulty and real vulnerabilities.
PentestGPT — AI-powered pentesting chatbot assistant using NLP to suggest exploitation paths and automate vulnerability scanning via prompts.
Perception Point — AI-powered email and collaboration security preventing phishing, BEC and malware.
Perimeter 81 — Cloud-based network security with ZTNA, SWG and firewall as a service for distributed teams.
Phosphorus IoT Security — Unified xIoT security platform with automated device discovery, remediation and credential management.
Photon Crawler — Fast open-source web crawler designed for OSINT extracting URLs, emails, files and endpoints.
Ping Identity — Intelligent identity security with AI-powered authentication, SSO and directory services.
Pixee AI CodeFix — AI-powered automated code security fixing vulnerabilities with one-click pull requests.
PlexTrac Platform — Pentest reporting and management platform streamlining offensive security workflows.
Praetorian Chariot — Offensive security platform with continuous attack surface discovery and managed penetration testing.
Prisma AIRS 2.0 — Full AI lifecycle protection: prompt injection defense, agent misuse detection, supply chain risk.
Prisma Cloud CNAPP — Comprehensive cloud-native application protection with code-to-cloud security coverage.
Privacera — Unified data access governance and security for multi-cloud and AI environments.
Private AI — AI-powered PII detection and redaction for unstructured data across 50+ languages.
ProcessUnity TPRM — Third-party risk management platform with automated vendor assessments and continuous monitoring.
Prompt Armor LLM — Real-time prompt injection firewall protecting LLM applications from adversarial inputs and jailbreaks.
Prompt Security Platform — GenAI security for employees code assistants and AI agents with prompt injection defense.
Proofpoint Email Protection — AI-powered email security with advanced threat protection, DLP and archiving for enterprises.
Proofpoint SAT — Security awareness training with targeted phishing simulations and adaptive learning modules.
Protect AI Platform — AI and ML security platform with model scanning supply chain risk and deployment gating.
ProtonMail — Swiss-based end-to-end encrypted email with zero-access encryption and no tracking.
ProtonVPN — Swiss-based privacy VPN with open-source clients Secure Core routing and free tier.
Prowler Cloud Security — Open-source cloud security tool performing AWS, Azure and GCP security assessments and compliance.
Pulsedive Intel — Community-powered threat intelligence with automated IOC enrichment and risk scoring.
PyRIT — Microsoft open-source Python toolkit for identifying risks in generative AI systems.
Qualys VMDR — AI-powered vulnerability management detection and response with TruRisk prioritization.
Qwiet AI CodeScan — AI-powered code analysis platform finding reachable vulnerabilities with 95% fewer false positives.
RAD Security — Cloud-native runtime security creating behavioral fingerprints for workload protection.
Radare2 Framework — Open-source reverse engineering framework with disassembler, debugger and binary analysis tools.
RangeForce — Enterprise cyber skills platform with hands-on SOC simulations and security operations training.
Rapid7 InsightVM — Cloud-powered vulnerability management with live dashboards and automated remediation workflows.
Reach Security Platform — AI platform that maps active threats to existing security tool configurations for optimal protection
Rebuff AI Defense — Open-source self-hardening prompt injection detection framework with multi-layer defense.
Recon-FTW — Automated reconnaissance framework combining multiple tools for comprehensive target enumeration.
Recon-ng — Modular web recon framework with Metasploit-like interface.
Recorded Future Intelligence — AI-powered threat intelligence platform with real-time analysis of open web, dark web and technical sources.
REMnux Distro — Linux toolkit for reverse-engineering and analyzing malicious software with 700+ pre-installed tools.
Responder Tool — LLMNR, NBT-NS and MDNS poisoner for credential harvesting during internal penetration tests.
Rezilion Platform — AI-powered vulnerability validation determining which CVEs are actually exploitable in runtime.
Rezonate Identity Risk — Cloud identity threat detection and response platform discovering and remediating identity attack paths
Riskified Platform — Machine learning ecommerce fraud prevention with chargeback guarantee and revenue optimization.
RiskRecon by Mastercard — Third-party cyber risk management with continuous assessment and detailed security performance insights.
Robust Intelligence — AI firewall and continuous validation platform protecting ML models in production.
Runecast Analyzer — AI-powered security compliance for VMware, AWS, Azure and Kubernetes environments.
RunReveal SIEM — Next-generation cloud-native SIEM built on modern data architecture for cost-effective security log analysis
SafeBreach — Breach and attack simulation with continuous security validation and risk-based remediation.
SailPoint IAM — AI-powered identity governance with automated access certifications and role mining.
Salt Security — AI-powered API security platform discovering monitoring and protecting APIs from attacks.
Sardine AI Fraud — AI-native fraud prevention with device intelligence, behavioral biometrics and instant bank verification.
Saviynt — AI-enhanced identity governance and cloud PAM with intelligent access analytics.
Savvy Security — SaaS security platform providing just-in-time guardrails for workforce identity and app governance.
SCADAfence Platform — OT and IoT network monitoring with asset discovery, threat detection and compliance management.
ScoutSuite Cloud — Open-source multi-cloud security auditing tool assessing AWS, Azure, GCP and Oracle configurations.
Secureframe — AI-powered security and compliance automation for SOC 2 ISO 27001 HIPAA and PCI DSS.
Secureworks Taegis XDR — AI-powered XDR with automated threat detection, investigation and response across endpoints and cloud.
Securiti DataControls — Unified data intelligence platform with AI-driven data discovery, governance and privacy automation.
Security Scorecard — AI-powered security ratings platform providing continuous third-party risk monitoring and scoring.
SecurityTrails — Historical DNS and domain intelligence platform for security research and OSINT.
Securonix SIEM — Cloud-native SIEM with UEBA and SOAR using AI to detect advanced insider threats.
Seemplicity Remediation — Automated security remediation operations platform reducing backlog across vulnerability and finding management
Semgrep Platform — Lightweight SAST SCA and secrets detection with AI noise filtering and 98% false positive reduction.
SentinelOne Purple AI — Generative AI hunting and response assistant accelerating threat investigations with open telemetry ingestion from third-party sources.
SentinelOne Singularity — Autonomous AI EDR/XDR with one-click rollback. Gartner Leader four years running.
SentinelOne Singularity Identity — AI identity threat detection across Entra ID, Active Directory, and multi-cloud.
ServiceNow GRC — Enterprise governance risk and compliance platform integrated with IT service management.
Shannon — Aggressive autonomous AI exploitation tool. Finds SQLi, XSS, SSRF, Auth bypass and provides proof-of-concept evidence automatically.
Sherlock OSINT — Open-source tool for finding social media accounts by username across 400+ platforms.
Shield AI Fraud — AI-powered fraud detection for mobile-first businesses with device fingerprinting and risk scoring.
Shodan Search Engine — Internet-connected device search engine for discovering exposed services, IoT devices and vulnerabilities.
Sift Digital Trust — AI-powered digital trust platform preventing payment fraud, account takeover and content abuse.
SIFT Workstation — SANS open-source incident response and forensic tools collection built on Ubuntu.
Signal — Open-source end-to-end encrypted messaging app with disappearing messages and no data collection.
Silk Security — AI-driven risk prioritization platform cutting through finding noise across AppSec cloud and infra
Silverfort Platform — Agentless identity security with AI-powered MFA and identity threat detection across all resources.
Silverfort Unified Identity — Agentless unified identity protection extending MFA and zero trust to any resource including legacy systems
SlashNext — AI phishing protection with real-time URL analysis across all channels.
Sliver C2 Framework — Open-source cross-platform adversary emulation framework by BishopFox for red team operations.
Snort IDS — Open-source intrusion detection and prevention system with real-time traffic analysis by Cisco.
Snyk Cloud Security — Developer-first cloud security with IaC scanning, drift detection and cloud context analysis.
Snyk Code SAST — AI-powered SAST scanning code in real-time with developer-friendly fix suggestions.
Snyk Container Security — AI-powered container vulnerability scanning for images and Kubernetes workloads.
Snyk DevSecOps — Developer-first security with AI-powered SAST, SCA, container and IaC scanning.
Snyk Learn — Free developer security education platform with interactive lessons on common vulnerabilities.
Socket Supply Chain — AI-powered supply chain security detecting malicious and risky open-source dependencies before install.
SOCRadar Platform — AI-powered extended threat intelligence with digital risk protection and attack surface management.
SonarCloud Analysis — Cloud-based code quality and security analysis with AI-powered issue detection for 30+ languages.
SonarQube Platform — Code quality and SAST platform with AI CodeFix quality gate enforcement and 30+ language support.
Sonatype Nexus Lifecycle — AI-powered software supply chain security with component analysis and policy enforcement.
Sonrai Security — Cloud permissions and data security platform with identity governance and blast radius analysis.
Sophos Intercept X — AI-powered endpoint protection with deep learning malware detection and anti-ransomware.
SpamTitan Gateway — AI-powered email security gateway with sandboxing, DLP and phishing protection for businesses.
Spec Application Intelligence — Real-time application journey intelligence platform detecting fraud bots and abuse across user workflows
SpiderFoot — Open-source automated OSINT tool with 200+ data source modules.
Splunk with AI — Industry-leading SIEM with ML-powered anomaly detection, predictive analytics, and AI assistant capabilities for security operations.
Sprinto — Automated compliance platform for SOC 2 ISO 27001 with risk management and audit support.
Sprocket Security — Continuous penetration testing platform combining AI automation with human-led attack simulation.
SQLMap — Open-source automatic SQL injection detection and exploitation tool.
StackHawk DAST — Developer-first dynamic application security testing running in CI/CD with OpenAPI integration.
Steampipe Cloud Query — Open-source tool querying cloud APIs using SQL for security, compliance and infrastructure analysis.
Stellar Cyber Open XDR — Open XDR platform with AI-driven correlation across network endpoint and cloud for MSSPs.
Strata Identity — Identity orchestration platform enabling multi-cloud identity management without ripping and replacing existing IDPs
Strix Offensive — Autonomous AI agents generating PoC exploits with CI/CD integration. 19K+ GitHub stars.
Subfinder — Fast passive subdomain enumeration tool supporting many data sources for bug bounty recon.
Subjack Takeover — Open-source subdomain takeover detection tool scanning for vulnerable CNAME records at scale.
Sublime Security Email — Open-core email security platform with customizable detection rules and AI-assisted triage.
Surfshark — Affordable VPN with unlimited device connections CleanWeb ad blocker and MultiHop.
Suricata — Open-source high performance network IDS IPS and security monitoring engine.
Sweet Security Runtime — Cloud runtime security platform using behavioral profiling for real-time threat detection
Swimlane Turbine — AI-powered SOAR platform with low-code automation and case management for security operations.
Symantec DLP — Enterprise data loss prevention with content-aware detection across endpoints network and cloud.
Synack Platform — Premium crowdsourced security testing with vetted researchers and AI-powered analytics.
Sysdig — Cloud and container security with runtime threat detection powered by Falco.
Sysdig Secure Platform — Cloud and container security with runtime threat detection powered by open-source Falco engine.
Tailscale Mesh VPN — WireGuard-based mesh VPN creating zero-trust networks with minimal configuration.
Talon Cyber Security — Enterprise browser platform with endpoint security and SaaS protection acquired by Palo Alto.
Talon Enterprise Browser — Chromium-based enterprise browser providing secure workspace isolation and DLP for managed and unmanaged devices
Tamnoon Cloud Security — Managed cloud security remediation service combining AI automation with human expertise.
Tenable Cloud Security — Cloud security with CIEM, CSPM and vulnerability management for multi-cloud environments.
Tenable One — AI-powered exposure management platform unifying vulnerability cloud and identity security.
Terrascan IaC — Open-source static code analyzer for IaC with 500+ security policies across cloud platforms.
Tessian Email Security — AI-powered email security preventing misdirected emails, data loss and advanced phishing.
TFSec Scanner — Open-source Terraform static analysis security scanner detecting potential misconfigurations.
Thales SafeNet — Enterprise access management with smart SSO, MFA and certificate-based authentication.
theHarvester — Simple tool for gathering emails, subdomains, IPs from public sources.
TheHive — Open-source security incident response platform with case management and automation.
ThreatConnect — Threat intelligence platform with built-in orchestration and automation. AI-driven analysis for SOC and incident response teams.
ThreatConnect Platform — Threat intelligence operations platform with AI-driven analytics and automated orchestration.
Tines — No-code security automation platform with smart workflows and AI-powered story generation.
Torq — AI-native hyperautomation platform for security with no-code workflow builder and AI copilot.
Torq Hyperautomation — AI-powered security hyperautomation platform with no-code workflows and unlimited integrations.
Traceable AI — AI-powered API security with deep traffic analysis for threat detection and API catalog.
Traceable API Security — AI-driven API security platform providing discovery risk scoring and threat protection across the API lifecycle
Transmit Security — Passwordless authentication and identity orchestration with AI-powered fraud prevention.
Trellix Email Security — Advanced email threat protection with AI analysis, sandboxing and URL defense.
Trellix Endpoint Security — AI-powered endpoint protection with behavioral analysis, machine learning and rollback.
Trellix XDR Platform — Extended detection and response platform combining endpoint network email and cloud threat intelligence
Trend Micro Cloud One — Unified cloud security platform with workload, container, file storage and network protection.
Trend Micro Vision One — AI XDR covering endpoint, email, network, cloud with risk management.
Triage Sandbox — Cloud-based malware sandbox by Hatching with automated analysis and configuration extraction.
Trivy — Open-source vulnerability scanner for containers images filesystems and Kubernetes clusters.
Trufflehog Secrets — Open-source secrets scanner finding leaked credentials in git repos, S3 buckets and filesystems.
Trustifi Email Security — AI-powered email security with encryption, DLP and advanced threat protection in one platform.
TryHackMe Training — Beginner-friendly cybersecurity training with guided rooms and browser-based learning paths.
Twingate ZTNA — Modern zero-trust network access replacing VPNs with software-defined access controls.
Uncover Search — Unified search tool querying Shodan, Censys and Fofa simultaneously for exposed assets.
UpGuard Platform — AI-powered attack surface and third-party risk management with continuous monitoring and data leak detection.
Upwind Security — Runtime-powered cloud security platform combining CNAPP with real-time threat detection.
Valence SaaS Security — SaaS security platform remediating risks from cross-SaaS integrations and identity misconfigurations
Vanta — AI-powered compliance automation for SOC 2 ISO 27001 HIPAA and GDPR with continuous monitoring.
Varonis — Data security platform with automated classification access monitoring and threat detection.
Vectra AI — AI-driven NDR specializing in hybrid cloud and identity-based attack detection.
Vectra AI Platform — AI-driven network detection and response using behavioral analysis to find hidden attackers.
Velociraptor — Open-source endpoint visibility and digital forensics tool for incident response at scale.
Veracode — AI-powered SAST, SCA, and DAST with Veracode Fix remediation engine and Package Firewall blocking malicious dependencies.
Veracode Platform — Cloud-based application security testing with AI-assisted SAST, DAST and SCA scanning.
Verve Industrial — OT asset management and security platform with endpoint visibility and vulnerability remediation.
Vicarius vRx — Autonomous vulnerability remediation platform using AI-generated patchless protection scripts
Virtru Data Protection — End-to-end encryption and data access control for email, files and SaaS applications.
VirusTotal — Multi-engine file and URL scanning with 70+ AV engines. AI-powered Code Insight analysis. Owned by Google and Mandiant.
VirusTotal Analysis — Multi-engine file and URL scanning with 70+ AV engines and AI-powered code analysis.
VMware Carbon Black — Cloud-native endpoint security with behavioral EDR, next-gen AV and workload protection.
Volatility — Open-source memory forensics framework for incident response and malware analysis.
Vorlon API Security — Real-time API security monitoring platform detecting third-party data exposure and compliance violations
Wallarm — AI-native API and application security combining WAAP API protection and bot management.
Wapiti Scanner — Open-source web application vulnerability scanner with black-box testing and multiple attack modules.
Wazuh — Free open-source SIEM and XDR platform with threat detection compliance and incident response.
Wire — End-to-end encrypted collaboration platform with messaging calls and file sharing for enterprises.
Wireshark — Open-source network protocol analyzer for deep packet inspection and forensics.
Wiz — Agentless cloud security with AI-SPM. Full CNAPP: CSPM, CWPP, CIEM, DSPM.
Wiz Cloud Security — Agentless cloud security platform providing full-stack visibility and risk prioritization across AWS Azure and GCP
Wiz CNAPP — Agentless cloud security with AI-powered risk prioritization across VMs containers and serverless.
X-Ways Forensics — Advanced computer forensics software with hex editor, disk imaging and comprehensive file analysis.
XBOW — Autonomous AI pentesting platform using hundreds of coordinated AI agents to discover and exploit vulnerabilities at machine speed.
XBOW Offensive — Autonomous AI pentesting with hundreds of coordinated agents finding and exploiting vulnerabilities.
XSStrike — Advanced XSS detection suite with intelligent payload generation fuzzing and crawling.
YARA Rules Engine — Open-source pattern matching tool for malware researchers to identify and classify malware samples.
Zafran Threat Exposure — Threat exposure management platform using compensating controls to mitigate vulnerabilities without patching
Zeek — Open-source network analysis framework with powerful scripting for custom detection.
Zeek Network Monitor — Open-source network analysis framework generating detailed logs of network activity.
Zenity AI Governance — Enterprise platform securing and governing low-code no-code and AI-powered business applications
ZeroFox Platform — External cybersecurity platform with AI-powered digital risk protection and threat intelligence.
Zimperium — AI-driven mobile threat defense protecting devices apps and networks from advanced attacks.
ZoomEye Platform — Cyberspace search engine mapping internet assets with device fingerprinting and vulnerability detection.
Zscaler Data Protection — Inline AI-powered DLP protecting data across web, SaaS, email and private apps.
Zscaler Internet Access — Cloud-native secure web gateway with AI-powered threat prevention and zero trust architecture.
Zscaler Private Access — Zero trust network access replacing VPNs with AI-powered adaptive access control.