Container Security Tools

Heroku is a cloud platform as a service (PaaS) designed for developers and teams to build, deliver, monitor, and scale modern apps. Heroku offers integrated tools, services, and workflows to help organizations of all sizes to maximize individual and team productivity, and deliver apps more quickly. Read more about Heroku

Datadog's Security Platform delivers real-time threat detection and continuous configuration audits across apps, hosts, containers, and cloud infrastructure. Easily detect changes in your containerized environment that may leave your applications vulnerable with Datadog's detection rules. Read more about Datadog

DataSet is a next-generation, autonomous endpoint/server protection platform that protects organizations against attacks utilizing key features such as machine learning, behavioral attack detection, automated responses, and real-time forensics, with complete visibility into all activity Read more about SentinelOne

Got more than 100 cloud assets? Orca Security provides workload-level security for Amazon Web Services (AWS), Azure, and Google Cloud Platform (GCP) WITHOUT AGENTS. Detect and identify vulnerabilities, malware, misconfigurations, leaked passwords, lateral movement risk, and unsecured high-risk data. Read more about Orca Security

Dynatrace Ruixt is an all-in-one application performance monitoring Read more about Dynatrace

Qualys Cloud Platform is designed to help businesses automate the security and monitoring of web applications and gain visibility into the utilization of IT assets. It enables IT professionals to detect threats related to unauthorized access across networks and conduct audits and IP scans. Read more about Qualys Cloud Platform

OpenShift helps build applications and host apps on the OpenShift server with the ability to modify and deploy. It is a cloud-based platform designed to simplify application development and hosting by providing complete control over your applications and coding in the language of your choice. Read more about OpenShift

Falcon is a cloud-based endpoint protection platform designed to help enterprises detect, manage, and remediate threats in real-time to prevent data loss. Features include event recording, alerts, prioritization, credential management, and access control. Read more about Falcon

IBM Cloud Kubernetes Service is an enterprise-scale solution used to deploy secure and highly available clusters of compute hosts, in a live Kubernetes environment. It enables enterprises to manage containerized apps on IBM Cloud. Read more about IBM Cloud Kubernetes Service

JFrog Artifactory is a binary repository management SaaS solution that provides software development and DevOps teams with a single source of truth for sourcing, storing, sharing, and deploying software components. Release your software with security and ease. Read more about Artifactory

Snyk is a cloud-based application security and testing platform, which helps enterprises discover and fix vulnerabilities across open source libraries, containers, or codes throughout the development process. Features include runtime monitoring, reporting, exploitability indicators, alerts, and prioritization. Read more about Snyk

Oracle Linux is an open-source operating system designed to help businesses handle virtualization, development, and management of cloud-native applications. The platform enables users to streamline performance tracking and security management operations for hybrid and multi-cloud deployments. Read more about Oracle Linux

Unify SIEM, endpoint security, and cloud security Elastic Security modernizes security operations Read more about Elastic Security

BuildPiper is a product by OpsTree Labs, which is an end-to-end Kubernetes and microservices Delivery Platform. It is a hybrid cloud-enabled system that facilitates the deployment of dockerized code across multiple environments. Read more about BuildPiper

Google Cloud Run is a serverless computing platform for developers. Read more about Google Cloud Run

WhiteSource is the leading solution for agile open source security and license compliance management. It integrates with your development environments and DevOps pipeline to detect open source libraries with security or compliance issues in real-time. Read more about WhiteSource

Confidently secure containers, Kubernetes and cloud with the Sysdig Secure DevOps Platform. Scan images, detect and respond to threats, validate cloud posture and compliance, monitor and troubleshoot. Read more about Sysdig

Spectral is a cloud-based software that enables teams to ship & build software while avoiding security mistakes, misconfigurations, credential leakage and data breaches without agents, across the entire software development lifecycle. Read more about SpectralOps

PingSafe is a cloud security platform that helps businesses manage regulatory compliance, system vulnerabilities, cloud credential leakage, and more. A comprehensive CNAPP that has all the necessary components to safeguard your multi-cloud environment and infrastructure. Read more about PingSafe

Protect your crown jewels, your development lifecycle, and your data with Uptycs, the unified CNAPP and XDR platform. Read more about Uptycs

Nexus Lifecycle by Sonatype is an application security and dependency management solution designed to help organizations manage open-source governance and automatically find and fix vulnerabilities across the entire software development lifecycle (SDLC). The platform enables developers to monitor security standards in the development process and... Read more about Nexus Lifecycle

CleanCloud is a cloud computing management tool that offers integration with Azure, AWS, and Google Cloud. It provides an overview of vulnerable items, analyzes all cloud resources, monitors critical assets, and performs audits that detail each identified event. Available in Portuguese and English. Read more about CleanCloud by SEK

Tenable.io is a container security software that helps businesses assess vulnerabilities, prioritize remediation actions, monitor assets, and more on a centralized platform. The automated inspection module enables staff members to detect malware, handle hierarchy intelligence, and assess container images by layer. Read more about Tenable.io

Google Container Security is a cloud-based software that provides businesses with tools to secure container environments across Google Kubernetes Engine (GKE), Anthos, and Google Cloud Platform (GCP). Supervisors can deploy patches on image containers and secure workloads using application-layer encryption. Read more about Google Container Security

VMware Tanzu is a cloud-based platform that helps businesses build applications, run common Kubernetes framework across the cloud, automate the delivery of containerized workloads, and monitor apps in production. Read more about VMware Tanzu

AWS Fargate is a serverless compute engine for containers that helps businesses deploy and manage applications whilst working with Amazon Elastic Container Service (ECS) and Amazon Elastic Kubernetes Service (EKS). Read more about AWS Fargate

Platform.sh is the platform to supercharge your web operations, and build, run and scale hundreds of websites and web applications, so your developer teams can focus on what really matters. Since infrastructure and workflows are handled from the start, apps just work, so teams can focus on what really matters: making faster changes, collaborating... Read more about Platform.sh

Appvia Wayfinder helps businesses turn cloud complexities into simple tasks and boost the team's productivity and security. It enables developers to navigate the labyrinth of Kubernetes and cloud deployment. The software is built on principles of isolation and least privilege, ensuring a strong security posture from day one. It includes integrated... Read more about Appvia Wayfinder

Lacework is a cloud security and compliance software which provides automated intrusion detection, threat defence, one-click investigation, and compliance across AWS, Azure, GCP, and private clouds, giving users a comprehensive view of risks across their cloud workloads and containers. Read more about Lacework

StackRox is a container security platform designed to help government agencies and businesses protect cloud-based applications, detect threats, and manage vulnerabilities, compliance requirements, configurations, and more. Administrators can gain visibility into risks on a centralized dashboard. Read more about StackRox

Argon connects to development environments and tools. It protects the entire CI/CD pipeline from code manipulation misconfigurations, code leaks, and vulnerabilities. This solution enables smooth AppSec orchestration by providing a unified view, full visibility, security, and code integrity. Read more about Argon

Talos OS is an immutable and secure Kubernetes operating system. The trust of an IT infrastructure designed with security at the core. Read more about Talos OS

Cisco Secure Firewall is a cloud-based Firewall system that provides security for public, containerized, virtual, physical, and private firealls. Additionally, the software provides threat intelligence to maintain control of enterprise level encrypted traffic and application environments. Secure Firewall can be used across hybrid and multicloud... Read more about Cisco Secure Firewall

Conviso is a SaaS-based tool that helps businesses secure application development pipelines via vulnerability scanning, automated testing, and more. Read more about Conviso

CloudPassage® Halo® is the world’s leading security and compliance automation platform that provides instant visibility and continuous protection for servers. Read more about CloudPassage Halo

Fairwinds Insights delivers dev and ops teams shared visibility across multi-clusters, anticipating and remediating configuration and security threats before they cost time or money. Read more about Fairwinds Insights

Reblaze is a complete web security solution that is deployed as a reverse proxy on a virtual private cloud. It’s designed to protect web applications and API servers. Reblaze routes, scrubs, and blocks malicious incoming traffic without the need for downtime that can affect business. With full bot mitigation capabilities, it blocks hostile traffic... Read more about Reblaze

Threat Stack is a cloud-based platform that helps businesses identify and respond to threats in real-time while ensuring security and compliance across applications. It facilitates visibility across cloud management console, host, containers and serverless layers. Read more about Threat Stack

Anchore is a container security platform designed to help development, security and operations teams in federal and corporate organizations scan, analyze, secure and troubleshoot containerized applications. It allows administrators to conduct deep inspection of container images and report on software components including packages, artifacts,... Read more about Anchore

CloudGuard is a container security software designed to help businesses streamline vulnerability assessment, workload protection, and compliance management operations via a unified platform. It enables IT professionals to automatically scan containers and provide protection against external threats using custom rules and analysis. Read more about CloudGuard

ThreatWatch is a cloud-based cybersecurity software that provides businesses with tools to conduct risk assessments, identify vulnerabilities, and secure third-party assets. Supervisors can utilize artificial intelligence (AI)-enabled threat intelligence tool to perform security scans and self-certify codes, images, and artifacts. Read more about ThreatWatch

Sosivio is a cloud-based platform built specifically for Kubernetes from the ground up providing predictive troubleshooting tools, root cause determination, and instant remediation for any failures in Kubernetes environments. Read more about Sosivio

Tanzu Observability is a user-friendly enterprise observability solution that offers full-stack visibility for applications running on any cloud. Read more about VMware Tanzu Observability

Xygeni is a security solution that provides protection for CI/CD pipeline against supply-chain attacks, ensuring security and integrity throughout the entire software development life cycle (SDLC). The platform integrates with DevOps tools and infrastructure to reduce risk by reinforcing security policies and identifying potential threats such as... Read more about Xygeni