Technology Integration Partners

screen-shot-2016-11-08-at-14-33-49

We partner and integrate with market-leading commercial and open source technologies to deliver a holistic view of security postures using any tool an organization has implemented.

InfrastructureSASTDASTSCA | Container Security | Notifications | Become a Partner

Infrastructure Partners and Integrations

Actifio automates DevOps across the full lifecycle of application data. Integration with Actifio allows the CYBRIC platform to rapidly create replicated application environments.

Products:

  • Actifio Sky

The world’s most comprehensive and broadly adopted cloud platform. AWS services are trusted by millions of active customers around the world to power their infrastructure, make them more agile, and lower costs.

Products:

  • Amazon Web Services (AWS)

VMware is a global leader in cloud infrastructure and business mobility, helping customers realize possibilities by accelerating their digital transformation journeys.

Products:

  • vSphere

Zerto provides enterprise IT resilience solutions for the cloud, enabling customers to withstand disruptions, incorporate new technology easily, and quickly adapt to accommodate evolving IT priorities.

Products:

  • Zerto Cloud Appliance

Static Application Security Testing (SAST) Tool Partners and Integrations

Brakeman is an open source vulnerability scanner specifically designed for Ruby on Rails applications. It statically analyzes Rails application code to find security issues at any stage of development.

Products:

  • Brakeman

SonarQube is an open source platform to perform automatic reviews with static analysis of code to detect bugs, code smells and security vulnerabilities on 20+ programming languages including Java, C#, JavaScript, C/C++, COBOL and more. SonarQube is the only product on the market that supports a leak approach as a practice to code quality.

Products:

  • SonarQube

Veracode helps organizations secure their software. Veracode’s SaaS platform and integrated solutions help security teams and software developers find and fix security-related defects at all points in the software development lifecycle, before they can be exploited by hackers. Integration with Veracode allows the CYBRIC platform to seamlessly automate static code analysis scans without developer involvement.

Products:

  • Veracode

Related Content:

Dynamic Application Security Testing (DAST) Tool Partners and Integrations

Metasploit provides information about security vulnerabilities and aids in penetration testing and IDS signature development.

Products:

  • Metasploit Community Edition

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1200 servers, and version specific problems on over 270 servers.

Products:

  • Nikto

Nmap is a security scanner used to discover hosts and services on a computer network, thus building a "map" of the network.

Products:

  • Nmap

OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.

Products:

  • OpenVAS

PortSwigger Burp Suite is the leading toolkit for web application security testing.

Products:

  • Burp Suite

Rapid7 (NASDAQ: RPD) research, technology, and services drive vulnerability management, penetration testing, application security, incident detection and response, and log management.

Products:

  • AppSpider

Sn1per is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities.

Products:

  • Sn1per

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.

Products:

  • Zed Attack Proxy (ZAP)

Software Composition Analysis (SCA) Partners and Integrations

Black Duck Software’s industry-leading products automate the processes of securing and managing open source software, eliminating the pain related to security vulnerabilities, open source license compliance and operational risk.

Products:

  • Hub

Related Content:

Snyk helps find, fix and monitor for known vulnerabilities in Node.js npm, Ruby and Java dependencies, both on an ad hoc basis and as part of a CI (Build) system.

Products:

  • Snyk

Related Content:

Sonatype is the leading provider of DevOps-native tools to automate modern software supply chains. Organizations use Sonatype’s Nexus platform to govern the volume, variety, and quality of open source components flowing into modern software applications.

Products:

  • Nexus Lifecycle

WhiteSource provides continuous open source software security and compliance management. Integrating WhiteSource and CYBRIC means customers can have better understanding and manage their security risk and exposure with one view.

Products:

  • WhiteSource

Related Content:

Container Security Partners and Integrations

CoreOS is the creator of CoreOS Tectonic, an enterprise-ready Kubernetes platform that provides automated operations, enables portability across private and public cloud providers, and is always upstream open source software. Clair is open-source vulnerability analysis for containers.

Products:

  • Clair

Docker Content Trust provides a way for users of containerized apps to ensure that the container's publisher and content are who they say they are.

Products:

  • Docker Content Trust

Related Content:

Notification and Incident Management Partners and Integrations

Slack is a cloud-based set of team collaboration tools and services

Products:

  • Slack

VictorOps is a real-time and agile incident management platform focusing on incident lifecycle management and collaboration for IT and DevOps teams. CYBRIC partners with VictorOps to facilitate and track remediation.

Products:

  • VictorOps

Related Content: