Chainguard
Out-of-date software is a major factor in security breaches. Our images are continuously updated with new versions and fixes. Our images come with SLAs that guarantee that we will provide patches or mitigations for vulnerabilities within an agreed time frame. Our images aim for zero-known vulnerabilities. No more spending hours analyzing reports from scanning tools. Our team has a deep understanding of the entire problem space, creating some of the most successful foundational open source projects in this domain. We know that automation, without sacrificing developer productivity, is key. Enforce generates a real-time asset inventory database to power developer tooling, incident recovery, and audit automation. Enforce can be used to generate SBOMs, monitor running containers for CVEs, and protect infrastructure against insider attacks.
Learn more
Sonrai Security
Identity and Data Protection for AWS, Azure, Google Cloud, and Kubernetes. Sonrai’s public cloud security platform provides a complete risk model of all identity and data relationships, including activity and movement across cloud accounts, cloud providers, and 3rd party data stores. Uncover all identity and data relationships between administrators, roles, compute instances, serverless functions, and containers across multi-cloud accounts and 3rd-party data stores. Inside the platform, our critical resource monitor continuously monitors your critical data sitting inside object stores (e.g. AWS S3, Azure Blob) and database services (e.g. CosmosDB, Dynamo DB, RDS). Privacy and compliance controls are monitored across multiple cloud providers and 3rd party data stores. Resolutions are coordinated with relevant DevSecOps teams.
Learn more
Runecast
Runecast is an enterprise CNAPP platform that saves your Security and Operations teams time and resources by enabling a proactive approach to ITOM, CSPM, and compliance. It automates vulnerability assessment, configuration drift management and continuous compliance – for VMware, Cloud and Containers.
By proactively using our agentless scanning in real-time admins discover potential risks and remediation solutions before any issues can develop into a major outage.
It provides continuous audits against vendor best practices, common security standards, and frameworks such as BSI IT-Grundschutz, CIS, Cyber Essentials, DISA STIG, DORA, Essential 8, GDPR, HIPAA, ISO 27001, KVKK, NIST, PCI DSS, TISAX, VMware Security Hardening Guidelines, and the CISA KEVs catalog.
Detect and assess risks and be fully compliant across your hybrid cloud in minutes.
Runecast has been recognized with Frost & Sullivan's 2023 European New Product Innovation Award in the CNAPP industry.
Learn more
Finite State
Finite State manages risk across the software supply chain with comprehensive SCA and SBOMs for the connected world. By providing end-to-end SBOM solutions, Finite State enables Product Security teams to meet regulatory, customer, and security demands. Finite State's best-in-class binary SCA creates visibility into any-party software that enables Product Security teams to understand their risk in context and shift right on vulnerability detection. With visibility, scalability, and speed, Finite State correlates data from all of your security tools into a single pane of glass for maximum visibility.
Learn more
