Chainguard
Chainguard Containers are a curated catalog of minimal, zero-CVE container images backed by a leading CVE remediation SLA—7 days for critical vulnerabilities, and 14 days for high, medium, and low severities—helping teams build and ship software more securely.
Contemporary software development and deployment pipelines demand secure, continuously updated containerized workloads for cloud-native environments. Chainguard delivers minimal images built entirely from source using fortified build infrastructure, including only the essential components required to build and run containers. Tailored for both engineering and security teams, Chainguard Containers reduce costly engineering effort associated with vulnerability management, strengthen application security by minimizing attack surface, and streamline compliance with key industry frameworks and customer expectations—ultimately helping unlock business value.
Learn more
ManageEngine Endpoint Central
ManageEngine's Endpoint Central, which was previously known as Desktop Central, serves as a comprehensive Unified Endpoint Management Solution that oversees enterprise mobility management. This solution encompasses all aspects of mobile app and device management, in addition to client management for various endpoints, including mobile devices, laptops, tablets, servers, and other computing machines. With ManageEngine Endpoint Central, users can streamline and automate numerous desktop management activities, such as software installation, patching, IT asset management, imaging, and operating system deployment, thereby enhancing operational efficiency across the organization. This tool is particularly beneficial for IT departments looking to maintain control over their diverse technology environments.
Learn more
FuzzDB
FuzzDB was created to improve the likelihood of discovering security vulnerabilities in applications by utilizing dynamic testing techniques. Recognized as the first and largest open repository for fault injection patterns, along with reliable resource locations and regex for matching server responses, it is an essential tool in the field. This extensive database contains comprehensive lists of attack payload primitives specifically designed for fault injection testing. The patterns are categorized by the type of attack and, when applicable, by the specific platform, often revealing vulnerabilities such as OS command injection, directory traversals, source code exposure, file upload bypass, cross-site scripting (XSS), and SQL injections, among others. Notably, FuzzDB highlights 56 patterns that could be interpreted as a null byte and also provides extensive lists of commonly used methods and name-value pairs that may trigger debugging modes. In addition, FuzzDB is continually updated as it integrates new discoveries and contributions from the community to effectively address emerging security threats. This ongoing evolution ensures that users benefit from the latest advancements in vulnerability detection and testing methodologies.
Learn more
API Fuzzer
API Fuzzer is a tool specifically crafted to generate fuzzed requests aimed at uncovering possible vulnerabilities through recognized penetration testing techniques, ultimately delivering a thorough inventory of security concerns. It takes an API request as input and reveals a variety of vulnerabilities that could be present, such as cross-site scripting, SQL injection, blind SQL injection, XML external entity vulnerabilities, insecure direct object references (IDOR), insufficient API rate limiting, open redirect problems, data exposure issues, information leakage through headers, and cross-site request forgery vulnerabilities, among others. By leveraging this advanced tool, cybersecurity experts can significantly improve their capacity to detect and address weaknesses within their APIs, facilitating a more secure digital environment. Additionally, this proactive approach helps organizations stay ahead of potential threats and better protect sensitive data.
Learn more
