Technology Integration Partners

screen-shot-2016-11-08-at-14-33-49

We partner and integrate with market-leading commercial and open source technologies to deliver a holistic view of security postures using any tool an organization has implemented.

Infrastructure | Incident Response & ManagementSASTDASTSCA | Container Security | Notifications | Source Code Repositories | Become a Partner

Infrastructure Partners and Integrations

Actifio automates DevOps across the full lifecycle of application data. Integration with Actifio allows the CYBRIC platform to rapidly create replicated application environments.

Products:

  • Actifio Sky

The world’s most comprehensive and broadly adopted cloud platform. AWS services are trusted by millions of active customers around the world to power their infrastructure, make them more agile, and lower costs.

Products:

  • Amazon Web Services (AWS)

As a member of the Microsoft ScaleUp Program, CYBRIC works with Microsoft to ensure seamless compatibility with Microsoft Azure.

Products:

  • Microsoft Azure

Red Hat is the world's leading provider of open source software solutions, using a community-powered approach to provide reliable and high-performing cloud, Linux, middleware, storage and virtualization technologies.

Products:

  • OpenShift

VMware is a global leader in cloud infrastructure and business mobility, helping customers realize possibilities by accelerating their digital transformation journeys.

Products:

  • vSphere

Zerto provides enterprise IT resilience solutions for the cloud, enabling customers to withstand disruptions, incorporate new technology easily, and quickly adapt to accommodate evolving IT priorities.

Products:

  • Zerto Cloud Appliance

Incident Response & Management

IBM Resilient IRP quickly and easily integrates with organization’s existing security and IT investments. It makes security alerts instantly actionable, provides valuable intelligence and incident context, and enables adaptive response to complex cyber threats.

Products:

  • Resilient

Static Application Security Testing (SAST) Tool Partners and Integrations

Bandit is a tool designed to find common security issues in Python code.

Products:

  • Bandit

Brakeman is an open source vulnerability scanner specifically designed for Ruby on Rails applications. It statically analyzes Rails application code to find security issues at any stage of development.

Products:

  • Brakeman

SonarQube is an open source platform to perform automatic reviews with static analysis of code to detect bugs, code smells and security vulnerabilities on 20+ programming languages including Java, C#, JavaScript, C/C++, COBOL and more. SonarQube is the only product on the market that supports a leak approach as a practice to code quality.

Products:

  • SonarQube

Synopsys helps development teams build secure, high-quality software, faster. Synopsys, a recognized leader in application security, provides static analysis, software composition analysis, and dynamic analysis solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and application behavior.

Products:

  • Coverity

Veracode helps organizations secure their software. Veracode’s SaaS platform and integrated solutions help security teams and software developers find and fix security-related defects at all points in the SDLC, before they can be exploited by hackers. Integration with Veracode allows the CYBRIC platform to seamlessly automate static code analysis scans without developer involvement.

Products:

  • Veracode

Related Content:

Dynamic Application Security Testing (DAST) Tool Partners and Integrations

Metasploit provides information about security vulnerabilities and aids in penetration testing and IDS signature development.

Products:

  • Metasploit Community Edition

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1200 servers, and version specific problems on over 270 servers.

Products:

  • Nikto

Nmap is a security scanner used to discover hosts and services on a computer network, thus building a "map" of the network.

Products:

  • Nmap

OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.

Products:

  • OpenVAS

PortSwigger Burp Suite is the leading toolkit for web application security testing.

Products:

  • Burp Suite

Sn1per is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities.

Products:

  • Sn1per

Tenable built its platform from the ground up to deeply understand assets, networks and vulnerabilities, extending this knowledge and expertise into Tenable.io™ to deliver the world’s first platform to provide live visibility into any asset on any computing platform.

Products:

  • Nessus
  • tentable.io

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.

Products:

  • Zed Attack Proxy (ZAP)

Software Composition Analysis (SCA) Partners and Integrations

Snyk helps find, fix and monitor for known vulnerabilities in Node.js npm, Ruby and Java dependencies, both on an ad hoc basis and as part of a CI (Build) system.

Products:

  • Snyk

Related Content:

Sonatype is the leading provider of DevOps-native tools to automate modern software supply chains. Organizations use Sonatype’s Nexus platform to govern the volume, variety, and quality of open source components flowing into modern software applications.

Products:

  • Nexus Lifecycle

Synopsys helps development teams build secure, high-quality software, faster. Synopsys, a recognized leader in application security, provides static analysis, software composition analysis, and dynamic analysis solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and application behavior.

Products:

  • Black Duck

Related Content:

whitesourcelogo

WhiteSource provides continuous open source software security and compliance management. Integrating WhiteSource and CYBRIC means customers can have better understanding and manage their security risk and exposure with one view.

Products:

  • WhiteSource

Container Security Partners and Integrations

CoreOS (now part of Red Hat) is the creator of CoreOS Tectonic, an enterprise-ready Kubernetes platform that provides automated operations, enables portability across private and public cloud providers, and is always upstream open source software. Clair is open-source vulnerability analysis for containers.

Products:

  • Clair

Docker Content Trust provides a way for users of containerized apps to ensure that the container's publisher and content are who they say they are.

Products:

  • Docker Content Trust

Related Content:

Twistlock provides container and cloud-native cybersecurity solutions for the enterprise. Twistlock protects applications across the development lifecycle and into production, and is purpose-built for containers, serverless and other leading technologies.

Products:

  • Twistlock

Notification and Incident Management Partners and Integrations

Jira is a proprietary issue tracking product that provides bug tracking, issue tracking and project management functions. CYBRIC integrates with their JIRA software for automatic issues generations and issues closures.

Products:

  • Jira

Slack is a cloud-based set of team collaboration tools and services

Products:

  • Slack

Splunk Inc. (NASDAQ: SPLK) turns machine data into answers. Organizations use market-leading Splunk solutions with machine learning to solve their toughest IT, Internet of Things and security challenges.

Products:

  • Splunk

VictorOps (now part of Splunk) is a real-time and agile incident management platform focusing on incident lifecycle management and collaboration for IT and DevOps teams. CYBRIC partners with VictorOps to facilitate and track remediation.

Products:

  • VictorOps

Related Content:

Source Code Repository Partners and Integrations

Bitbucket is a web-based version control repository hosting service, for source code and development projects that use either Mercurial or Git revision control systems. CYBRIC integrates with BitBucket to provide continuous scanning of software repositories.

Products:

  • Bitbucket

Don't see the integration you're looking for? Contact us.