Vendor Directory
Explore application security and software supply chain vendors.
42Crunch
Secure APIs from design to deployment
42Crunch is the leading API Security platform that automates the testing, fixing, and protection of APIs throughout their development lifecycle. It enables enterprises to enforce API security compliance across distributed teams, providing tools for API semantic validation and data definition. The platform continuously monitors security compliance across IDE, CI/CD, and runtime, allowing teams to collaboratively manage API governance. 42Crunch empowers developers with automated tools that reduce false positives and streamline security processes, ensuring APIs are secure from design through to production. It integrates with popular development tools and can be deployed on any container orchestrator.
ARMUR
Secure your code, safeguard your future
Armur AI offers advanced code vulnerability scanning, specializing in Static Application Security Testing (SAST) and smart contract auditing using LLM agents. The platform supports multiple programming languages including GO, Rust, JavaScript, and Python, enabling thorough static code analysis to identify vulnerabilities early in the development process. Additionally, Armur provides tools for auditing Solidity smart contracts and other blockchain contracts, ensuring robust security measures for decentralized applications. With features like Dynamic Application Security Testing (DAST) and Vulnerability Assessment and Penetration Testing (VAPT), Armur empowers developers and security professionals to secure their code effectively before deployment.
Promon
Shielding Apps, Securing Futures
Promon provides mobile app security focused on protecting the app lifecycle. The site describes a Mobile App Security Library that implements runtime security, code obfuscation, and app shielding. The provider states it protects mobile apps, SDKs and APIs and references iOS and Android security. Promon offers developer‑facing resources including checklists, reports, webinars, and hosted sessions, and invites visitors to subscribe for product updates. Site copy mentions API protection and mobile app protection for organisations from startups to multi‑nationals. The content is framed around app shielding, obfuscation, runtime protection, and compliance-related information for mobile applications.
Postman
Transforming API workflows for every team
Postman is a unified API platform for designing, testing, documenting, distributing, and monitoring APIs. The record describes Postman as enabling teams to "create, run, and manage API tests at scale" and providing governance, security controls, and compliance frameworks for enterprises. Features mentioned include pipeline-native testing, automated compliance scanning, encrypted secret management, contract-first governance, and MCP server and catalog capabilities. The product is presented as serving both enterprise and small/medium teams and supporting API lifecycle workflows, centralized catalogs for reuse, and integrations such as bi-directional Git sync. The description is limited to claims and terms present in the provided record text.
FireTail.ai
Secure Your APIs, Protect Your Data
FireTail is an AI security and governance platform focused on securing APIs across various environments. The platform helps identify, analyze, and protect sensitive data accessed by APIs. With comprehensive API security capabilities, FireTail offers solutions to proactively block malicious API calls, ensuring robust defenses against vulnerabilities. The platform emphasizes the importance of API visibility, allowing organizations to discover and understand their API landscape. FireTail's end-to-end solution provides detailed assessments of an organization's API security posture, along with practical guidance to fortify their APIs.
Cequence Security
Defend Your APIs with Intelligent Precision
Cequence Security offers a Unified Application Protection Platform designed to secure APIs and applications against attacks and fraud. The platform includes features such as API Security Posture Management, testing, and compliance measures to identify vulnerabilities and enhance API security. Key functionalities include bot detection and mitigation, sensitive data discovery and masking, and an extensive database of threat behaviors. Organizations can quickly deploy across their API infrastructure, leveraging machine learning to create automated security testing plans and initiate timely remediation tasks for critical vulnerabilities. Cequence aims to empower organizations to protect their applications while ensuring compliance with data security standards.
Wallarm: API Security Leader
Unifying Security Across APIs and Applications
Wallarm provides a unified platform for advanced application and API security, automating real-time protection and security testing for APIs, applications, and microservices. The platform offers comprehensive capabilities for securing APIs across multi-cloud and Kubernetes environments. Wallarm's focus on a comprehensive approach to API security seeks to reduce risks associated with vulnerabilities and attacks on API infrastructures, making it suitable for enterprises looking to enhance their security posture.
Prophaze
Guarding Your Cloud, One Request at a Time
Prophaze is a Web and API security platform that provides Cloud WAF, WAAP, API security and DDoS protection for applications and APIs hosted across AWS, Azure, Google Cloud and Kubernetes. The Prophaze Cloud WAF detects and blocks suspicious activity using behavioral-based threat detection and offers protections for websites, applications, and APIs across multiple cloud environments. KubeWAF is described as an enterprise-grade Kubernetes Web Application Firewall deployed as a microservice alongside other components and filters incoming traffic to API services. The platform's API security is vendor-agnostic and supports leading API gateways. Prophaze also includes DDoS protection and bot management to distinguish and block scrapers, scanners and comment spammers.
Accessibility.com
Empowering digital accessibility for businesses
Accessibility.com was born out of necessity. A strong core of professionals with nearly a century of combined experience in the digital accessibility space recognized the need for tangible and practical guidance to drive digital inclusion and compliance. We're excited to work toward our vision and thank you for your support.
Pynt
Secure your APIs with confidence and speed
Pynt offers dynamic API security testing designed for developers and testers to identify and remediate vulnerabilities throughout the development lifecycle. Its unique attack approach empowers customers with comprehensive security coverage while minimizing effort and maximizing peace of mind. Pynt's automation features provide detection for OWASP's Top 10 API Risks and target critical vulnerabilities based on ongoing research. With a focus on compliance and security standards, Pynt helps organizations secure their applications effectively through proactive and contextual testing solutions.