Chainguard provides hardened container images and a software supply chain security platform for building and shipping safer modern applications.
Security platforms that protect the software development and delivery pipeline from tampering, malicious dependencies, and build compromises.
Chainguard provides hardened container images and a software supply chain security platform for building and shipping safer modern applications.
Machine identity management platform providing automated certificate lifecycle management, SSH key management, and code signing security.
Trivy by Aqua Security is an open-source comprehensive vulnerability scanner for containers, filesystems, Git repositories, and Kubernetes configurations.
Software supply chain security platform providing attestation, SBOM, and immutable audit logs.
Active ASPM platform providing end-to-end visibility and security across the software supply chain from code to cloud.
Complete ASPM platform providing visibility and security across the entire software development lifecycle from code to cloud.
Sanctions and sensitive activities research platform delivering specialized data and risk intelligence for compliance and supply chain teams.
Software bill of materials platform for industrial control systems delivering software supply chain intelligence.
Interos provides AI-powered supply chain risk monitoring and mapping, identifying vulnerabilities across multi-tier supplier networks in real time.
ESG and supply chain compliance platform offering human rights, environmental due diligence, and EUDR compliance.
Blockchain security firm providing smart contract audits, on-chain monitoring, and Skynet risk scoring.
Decentralized monitoring network detecting threats and anomalies across smart contracts and DeFi protocols.
QIMA quality control and compliance platform offering inspections, audits, and testing across global supply chains.
Digital rights and traceability platform that secures additive manufacturing supply chains end-to-end.
SaaS to SaaS supply chain security platform
Phylum provides automated software supply chain risk analysis that detects malicious open-source packages, author risk, and dependency vulnerabilities.
Google service for understanding dependencies of open source packages with security advisories and license information.
SaaS application supply chain security acquired by Zscaler
Application security posture management platform securing the software supply chain from code to deployment with pipeline visibility and protection.
Client-side security and Magecart protection
Chainguard's undistro Linux for secure software supply chain designed for containers with glibc and SBOM-first approach.
Jit provides a DevSecOps orchestration platform that combines open-source security tools including SCA, SAST, and secrets detection in a unified developer workflow.
Connected device security platform providing firmware analysis, SBOM management, and vulnerability detection for IoT and embedded systems.
Open source framework providing end-to-end software supply chain integrity verification.
Rezilion provides software supply chain security with runtime validation that identifies which vulnerabilities are actually exploitable in your specific environment.
Blockchain-based trade finance platform connecting commodity traders, banks, and inspection companies for digital trade workflows.
AI-powered regulatory compliance platform offering regulatory change management and third-party risk for financial services.
Traceability platform for pharma, food, and manufacturing delivering serialization and supply chain insight.
Theft prevention and recovery network for cargo shipments providing investigation support, alerts, and risk intelligence to carriers.
Software supply chain security platform delivering SAST, SCA, secrets, malware, and pipeline security for the entire SDLC.
Software supply chain security platform providing SBOM generation, vulnerability management, and attestation for software integrity.
AI security company protecting ML models from adversarial attacks, model theft, and supply chain vulnerabilities.
Open-source software supply chain control plane for attesting, signing, and verifying build artifacts.
Materials intelligence platform using AI to harmonize master data and optimize inventory across direct materials supply chains.
Smart contract audit service from ConsenSys providing security reviews for DeFi and enterprise blockchain projects.
Resilinc provides supply chain mapping, risk monitoring, and disruption response capabilities for building resilient global supply chains.
Supplier ESG rating platform offering sustainability assessments and supply chain sustainability intelligence.
European aerospace supply chain cybersecurity platform offering compliance frameworks and secure collaboration for A&D partners.
Third-party risk management platform delivering AI-driven supply chain due diligence, sanctions screening, and ESG risk monitoring.
Firmware and software supply chain security platform providing SBOMs, vulnerability detection, and risk scoring for connected devices.
EHS compliance and SDS management platform offering chemical compliance, supplier data, and regulatory reporting.
Firmware supply chain security and transparency platform
Web3 security platform protecting dApps and wallets from scams, phishing, and malicious transactions.
Decentralized smart contract audit platform providing contests and coverage for DeFi protocols.
SaaS security posture management platform that discovers misconfigurations, supply chain risks, and excessive permissions across SaaS applications.
OpenSSF open-source project aggregating software supply chain metadata (SBOMs, SLSA, signatures) into a unified graph.
Software supply chain security acquired by Aqua Security
Supply chain risk monitoring platform (now part of Everstream Analytics) formerly provided by DHL for real-time incident tracking.
Open-source project providing free code signing and verification infrastructure for software supply chain integrity and provenance.
Endor Labs provides dependency lifecycle management that helps organizations reduce open-source risk by identifying reachable vulnerabilities and unmaintained dependencies.
Smart contract security platform offering audits, developer education, and the Aderyn open-source analyzer.
Software supply chain management platform providing SBOM intelligence, component risk analysis, and open-source software integrity verification.
Supply chain risk management and visibility platform with real-time cargo monitoring, theft prevention, and compliance tracking.
Crypto asset protection platform providing key backup, theft protection, and transaction insurance.
Application security posture management platform providing risk-based visibility and prioritization across the software development lifecycle.
Logistics platform offering ocean and air freight procurement, tracking, and supply chain visibility for enterprises.
OpenSSF automated tool assessing open-source projects for security risks across 20+ checks like branch protection and CI tests.
Enterprise firmware and hardware security platform providing supply chain risk management and threat detection.
Cloud package registry with security, compliance, and supply chain protection for npm, Python, Maven, and more.
Quality and compliance platform connecting brands, suppliers, and inspection services for production oversight.