Find the right software and services.
Turn websites into desktop apps with WebCatalog Desktop, and access a wealth of exclusive apps for Mac, Windows. Use spaces to organize apps, switch between multiple accounts with ease, and boost your productivity like never before.
Software Bill of Materials (SBOM) solutions create, process, manage, and track machine-readable inventories of components within software supply chains. These components include libraries, packages, modules, licenses, and more. Companies and developers use SBOM tools to produce and annotate detailed SBOMs for third-party and open-source components in their software. These solutions help users meet government requirements for providing a minimum SBOM. Additionally, maintaining and monitoring SBOMs supports continuous risk assessment, although these tools are not primarily focused on vulnerability remediation. While Software Composition Analysis (SCA) tools scan code-level components and dependencies to identify and address security vulnerabilities, SBOM software automates the standardized presentation of these elements to ensure transparency, observability, and compliance.
Submit New App
Snyk
snyk.io
Snyk (pronounced sneak) is a developer security platform for securing custom code, open source dependencies, containers, and cloud infrastructure all from a single platform. Snyk’s developer security solutions enable modern applications to be built securely, empowering developers to own and build security for the whole application, from code & open source to containers & cloud infrastructure. Secure while you code in your IDE: find issues quickly using the scanner, fix issues easily with remediation advice, verify the updated code. Integrate your source code repositories to secure applications: integrate a repository to find issues, prioritize with context, fix & merge. Secure your containers as you build, throughout the SDLC: start fixing containers as soon as your write a Dockerfile, continuously monitor container images throughout their lifecycle, and prioritize with context. Secure build and deployment pipelines: Integrate natively with your CI/CD tool, configure your rules, find & fix issues in your application, and monitor your applications. Secure your apps quickly with Snyk’s vulnerability scanning and automated fixes - Try for Free!
Fossa
fossa.com
Open source is a critical part of your software. In the average modern software product, over 80% of the source code shipped is derived from open source. Each component can have cascading legal, security, and quality implications for your customers, making it one of the most important things to manage correctly. FOSSA helps you manage your open source components. We plug into your development workflow to help your team automatically track, manage, and remediate issues with the open source you use to: - Stay compliant with software licenses and generate required attribution documents - Enforce usage and licensing policies throughout your CI/CD workflow - Monitor and remediate security vulnerabilities - Flag code quality issues and outdated components proactively By enabling open source, we help development teams increase development velocity and decrease risk.
Arnica
arnica.io
Arnica is a behavior-based software supply chain security platform for DevOps . Arnica proactively protects your software supply chain by automating the day-to-day security operations and empowering developers to own security without incurring risks or compromising velocity.
Aqua Security
aquasec.com
Aqua Security stops cloud native attacks across the application lifecycle and is the only company with a $1M Cloud Native Protection Warranty to guarantee it. As the pioneer in cloud native security, Aqua helps customers reduce risk while building the future of their businesses. The Aqua Platform is the industry's most integrated Cloud Native Application Protection Platform (CNAPP), protecting the application lifecycle from code to cloud and back. Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL with Fortune 1000 customers in over 40 countries.
SOOS
soos.io
Application Security Posture Management Platform Your organization’s application security posture should be more than just a checklist. SOOS’s ASPM is a dynamic, comprehensive approach to safeguarding your application infrastructure from vulnerabilities across the Software Development Life Cycle (SDLC) and live deployments. All in one dashboard.
JFrog
jfrog.com
Deliver Trusted Software with Speed. The only software supply chain platform to give you end-to-end visibility, security, and control for automating the delivery of trusted releases. The massively scalable, hybrid JFrog Platform is open, flexible, and integrated with all the package technologies and tools comprising the software supply chain. Organizations benefit from full traceability to any type of release and deployment environment including ML models, software that runs on the edge, and software deployed in production data centers.
OX Security
ox.security
Security should be an integral part of the software development process, not an afterthought. Founded by Neatsun Ziv and Lion Arzi, two former Check Point executives, OX is the first and only Active Application Security Posture Management (ASPM) Platform, consolidating disparate application security tools (ASPM+AST and SSC) into a single console. By merging best practices from risk management and cybersecurity with a user-centric approach tailored for developers, it offers complete security, prioritization, and automated remediation of security issues throughout the development cycle, enabling organizations to release secure products quickly.
Xygeni
xygeni.io
Secure your Software Development and Delivery! Xygeni Security specializes in Application Security Posture Management (ASPM), using deep contextual insights to effectively prioritize and manage security risks while minimizing noise and overwhelming alerts. Our innovative technologies automatically detect malicious code in real-time upon new and updated components publication, immediately notifying customers and quarantining affected components to prevent potential breaches. With extensive coverage spanning the entire Software Supply Chain—including Open Source components, CI/CD processes and infrastructure, Anomaly detection, Secret leakage, Infrastructure as Code (IaC), and Container security—Xygeni ensures robust protection for your software applications. Trust Xygeni to protect your operations and empower your team to build and deliver with integrity and security.
Scribe Security
scribesecurity.com
Scribe is a SaaS solution that provides continuous assurance for the security and trust worthiness of software artifacts, acting as a trust hub between software producers and consumers. Scribe centralized SBOM management system allows to effortlessly manage and share products SBOMs along with all their associated security aspects in a controlled and automated manner.
The Code Registry
thecoderegistry.com
The Code Registry is the world's first AI-powered code intelligence and insights platform, designed to safeguard and optimize software assets for businesses. By providing an independent, secure replication of code repositories and delivering in-depth analysis and reporting, The Code Registry empowers business leaders and senior IT experts to manage their development teams and software budgets more effectively. With a focus on security, efficiency, and transparency, The Code Registry is setting a new standard in code management and analysis. By signing up to any of our subscription tiers you will have complete access to; > Independent secure automated Code Vault back-ups > Full code security scans > Open Source dependency and licence detection > Code Complexity Analysis > AI Quotient™ > Full Git History > Proprietary 'code-to-replicate' code valuation > Automated comparison reporting. The Code Registry. Know Your Code™
© 2025 WebCatalog, Inc.