{"payload":{"featured":[],"recommended":[],"recently_added":[],"search_results":{"results":[{"type":"marketplace_listing","id":"16019","state":"unverified","name":"Pixeebot | Automated code fixes.","free":true,"primary_category":"AI Assisted","secondary_category":"Security","is_verified_owner":true,"slug":"pixeebot-automated-code-fixes","owner_login":"pixee","resource_path":"/marketplace/pixeebot-automated-code-fixes","installation_count":1722,"full_description":"Code security is complex work. Let Pixeebot handle it for you.\n\nPixeebot currently supports Java and Python. Install now to get on the waitlist for future languages. ✨ AI features\nenabled by default. Learn more.\n\nJust as Dependabot keeps your dependencies up to date, Pixeebot helps ensure your code is - and stays - secure. Pixeebot\nimmediately starts monitoring your repository and makes suggestions that are easy for your team to absorb.\n","short_description":"Your Automated Product Security Engineer","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/16019?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":16019,"state":6,"name":"Pixeebot | Automated code fixes.","slug":"pixeebot-automated-code-fixes","short_description":"Your Automated Product Security Engineer","full_description":"# Code security is complex work. Let Pixeebot handle it for you.\n\n>Pixeebot currently supports **Java** and **Python**. Install now to get on the waitlist for future languages. ✨ AI features enabled by default. [Learn more](https://docs.pixee.ai/faqs/).\n\nJust as Dependabot keeps your dependencies up to date, Pixeebot helps ensure your code is - and stays - secure. Pixeebot immediately starts monitoring your repository and makes suggestions that are easy for your team to absorb.","extended_description":"### Pixeebot is not a code scanner, and it’s not going to send you reports. It just hardens your code and fixes stuff.\nNo findings to review, just PRs to accept+merge!\n\n### Harden code continuously\nEvery week, Pixeebot sends a pull request to your default branch with suggested security improvements. Even summon Pixeebot with **@pixeebot next** if you’re ready for more.\n\n### Fix vulnerabilities\nPixeebot also reviews results from your SAST code scanners and auto-remediates whenever possible. All you have to do is approve!\n\n### Uplevel security with PR tune-ups\nEach new pull request your team creates gets automatic feedback from Pixeebot, whether it’s confirmation that everything looks good, or a PR with suggestions. No reports, just actual code fixes you can merge in one step.\n\n### We keep up to date on security best practices, so you don’t have to\nOur security experts stay on top of the latest research to make sure you’re protected from all the latest security threats.","primary_category_id":39,"secondary_category_id":6,"privacy_policy_url":"https://pixee.ai/privacy","tos_url":"https://pixee.ai/terms","company_url":"https://pixee.ai","status_url":"https://docs.pixee.ai/status","support_url":"https://docs.pixee.ai","documentation_url":"https://docs.pixee.ai","pricing_url":null,"bgcolor":"fbfafb","light_text":true,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":4069,"technical_email":"david@pixee.ai","marketing_email":"surag@pixee.ai","finance_email":"surag@pixee.ai","direct_billing_enabled":false,"by_github":false,"security_email":"david@pixee.ai","listable_type":"Integration","listable_id":193111,"copilot_app":false}}},{"type":"marketplace_listing","id":"17459","state":"unverified","name":"mit10s-app","free":true,"primary_category":"Security","secondary_category":"Code quality","is_verified_owner":false,"slug":"mit10s","owner_login":"mit10s","resource_path":"/marketplace/mit10s","installation_count":1,"full_description":"Revolutionize your API security with mit10s. A powerful vulnerability scanner leveraging Artificial Intelligence to\nscrutinize your code and generate an exhaustive report of potential vulnerabilities, the severity of threats, and\nactionable steps to fix them. Integrate code security checks directly into your software development lifecycle with our\ncompanion GitHub app. Improve the security of your code with the touch of a button.\n","short_description":"A comprehensive security tool for your API codebases","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/17459?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":17459,"state":6,"name":"mit10s-app","slug":"mit10s","short_description":"A comprehensive security tool for your API codebases","full_description":"Revolutionize your API security with `mit10s`. A powerful vulnerability scanner leveraging Artificial Intelligence to scrutinize your code and generate an exhaustive report of potential vulnerabilities, the severity of threats, and actionable steps to fix them. Integrate code security checks directly into your software development lifecycle with our companion GitHub app. Improve the security of your code with the touch of a button.","extended_description":"`mit10s` reliably scans your API codebases and uses AI-based algorithms to identify potential security vulnerabilities. This process produces a detailed report featuring:\n\n- A comprehensive list of potential security vulnerabilities.\n- The severity of each identified threat.\n- The priority level for fixing each vulnerability.\n- Clear, actionable steps to remediate identified vulnerabilities.\n\n'mit10s' comes with this companion GitHub app that integrates seamlessly with your repositories. With this app you can:\n\n- Run 'mit10s' directly on your repository, generating exhaustive security reports.\n- Enhance your PR reviews with automated annotations.\n- Establish checklist rules for PRs, blocking the merging of code not passing 'mit10s' security checks.\n\nBring your security testing to the next level by opting for the `mit10s` GitHub app for a well-integrated, efficient, secure coding experience.","primary_category_id":6,"secondary_category_id":12,"privacy_policy_url":"https://github.com/mit10s/mit10s-github-app/blob/main/privacy-policy.md","tos_url":"https://github.com/mit10s/mit10s-github-app/blob/main/terms-of-service.md","company_url":"https://mit10s.com/","status_url":"https://mit10s.com/","support_url":"https://github.com/mit10s/mit10s-github-app/issues","documentation_url":"https://github.com/mit10s/mit10s-github-app","pricing_url":null,"bgcolor":"ffffff","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":0,"technical_email":"ceo@mit10s.com","marketing_email":"ceo@mit10s.com","finance_email":"ceo@mit10s.com","direct_billing_enabled":false,"by_github":false,"security_email":"ceo@mit10s.com","listable_type":"Integration","listable_id":832495,"copilot_app":false}}},{"type":"marketplace_listing","id":"17864","state":"unverified","name":"Golang Code Scanner","free":true,"primary_category":"Code quality","secondary_category":"Security","is_verified_owner":true,"slug":"golang-code-scanner","owner_login":"Armur-Ai","resource_path":"/marketplace/golang-code-scanner","installation_count":3,"full_description":"Golang Code Scanner\n\nThe Golang Code Scanner is a app designed to enhance the security of your Golang codebase by scanning for\nvulnerabilities. It automatically analyzes your Golang code whenever you push changes to the master branch or create a\npull request targeting the master or main branch. Upon detecting vulnerabilities, it adds a comment to the created pull\nrequest, thereby facilitating timely resolution of security issues.\n","short_description":"Automated vulnerability Scanner","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/17864?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":17864,"state":6,"name":"Golang Code Scanner","slug":"golang-code-scanner","short_description":"Automated vulnerability Scanner","full_description":"# Golang Code Scanner\n\nThe **Golang Code Scanner** is a app designed to enhance the security of your Golang codebase by scanning for vulnerabilities. It automatically analyzes your Golang code whenever you push changes to the `master` branch or create a pull request targeting the `master` or  `main` branch. Upon detecting vulnerabilities, it adds a comment to the created pull request, thereby facilitating timely resolution of security issues.\n","extended_description":"# Features\n\n- **Automated Vulnerability Detection**: The app automatically scans Golang code for vulnerabilities.\n- **Integration with Pull Requests**: Vulnerability findings are reported as comments on pull requests, streamlining the review process.\n\n","primary_category_id":12,"secondary_category_id":6,"privacy_policy_url":"https://www.armur.ai/privacy-policy","tos_url":"","company_url":"https://www.armur.ai","status_url":"","support_url":"https://www.armur.ai/contact","documentation_url":"","pricing_url":null,"bgcolor":"000000","light_text":true,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":4543,"technical_email":"akhil@armur.ai","marketing_email":"shane@armur.ai","finance_email":"paul@armur.ai","direct_billing_enabled":false,"by_github":false,"security_email":"admin@armur.ai","listable_type":"Integration","listable_id":874187,"copilot_app":false}}},{"type":"marketplace_listing","id":"15273","state":"unverified","name":"patched.codes","free":true,"primary_category":"AI Assisted","secondary_category":"Security","is_verified_owner":false,"slug":"patched-codes","owner_login":"patched-codes","resource_path":"/marketplace/patched-codes","installation_count":53,"full_description":"Deterministically automate PR reviews, bug fixing, security patching, and more using customizable prompts and your\npreferred LLMs.\n","short_description":"Open Source Agentic AI Workflows for DevOps","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/15273?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":15273,"state":6,"name":"patched.codes","slug":"patched-codes","short_description":"Open Source Agentic AI Workflows for DevOps","full_description":"Deterministically automate PR reviews, bug fixing, security patching, and more using customizable prompts and your preferred LLMs.","extended_description":"**Developer LESS, not developer FIRST.**\nAutomate chores and tasks so you there is less on your plate.\n\n**Stay in the Zone**\nNo IDE pop-ups that disrupt developer flows.\n\n**Privacy Pioritized**\nMinimum code access, pseudonymized for privacy.\n\n**Not another AI Company**\nMultiple code-checks for fully-vetted patches.","primary_category_id":39,"secondary_category_id":6,"privacy_policy_url":"https://patched.codes/privacy","tos_url":"https://patched.codes/terms","company_url":"https://patched.codes","status_url":"","support_url":"https://patched.codes/support","documentation_url":"https://docs.patched.codes/introduction","pricing_url":null,"bgcolor":"ffffff","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":0,"technical_email":"tech@patched.codes","marketing_email":"contact@patched.codes","finance_email":"contact@patched.codes","direct_billing_enabled":false,"by_github":false,"security_email":"tech@patched.codes","listable_type":"Integration","listable_id":298395,"copilot_app":false}}},{"type":"marketplace_listing","id":"12891","state":"unverified","name":"Precaution","free":false,"primary_category":"Security","secondary_category":"Code review","is_verified_owner":true,"slug":"precaution","owner_login":"securesauce","resource_path":"/marketplace/precaution","installation_count":61,"full_description":"Precaution is a static application security testing (SAST) tool designed to tightly integrate into your GitHub\ndevelopment workflow. Each time a pull request is opened, Precaution runs its static analyzers on the code changes to\ndetect potential security vulnerabilities. Every effort is made to be as accurate as possible to avoid noisy false\npositives.\n","short_description":"Find and fix potential security vulnerabilities in your code","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/12891?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":12891,"state":6,"name":"Precaution","slug":"precaution","short_description":"Find and fix potential security vulnerabilities in your code","full_description":"Precaution is a static application security testing (SAST) tool designed to tightly integrate into your GitHub development workflow. Each time a pull request is opened, Precaution runs its static analyzers on the code changes to detect potential security vulnerabilities. Every effort is made to be as accurate as possible to avoid noisy false positives.","extended_description":"Precaution finds issues such as injection, weak hashes, clear text transmission of data, timing attacks, weak encryption, deserialization of untrusted data,improper certificate validation, and more.","primary_category_id":6,"secondary_category_id":10,"privacy_policy_url":"https://www.securesauce.dev/privacy","tos_url":"https://www.securesauce.dev/terms","company_url":"https://www.securesauce.dev/","status_url":"https://securesauce.github.io/status/","support_url":"support@securesauce.dev","documentation_url":"https://docs.securesauce.dev/","pricing_url":null,"bgcolor":"e4f2f5","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":3946,"technical_email":"technical@securesauce.dev","marketing_email":"marketing@securesauce.dev","finance_email":"finance@securesauce.dev","direct_billing_enabled":false,"by_github":false,"security_email":"security@securesauce.dev","listable_type":"Integration","listable_id":20394,"copilot_app":false}}},{"type":"marketplace_listing","id":"17890","state":"unverified","name":"Sudoviz","free":true,"primary_category":"Security","secondary_category":"AI Assisted","is_verified_owner":false,"slug":"sudoviz","owner_login":"sudoviz","resource_path":"/marketplace/sudoviz","installation_count":3,"full_description":"Sudoviz: Security   Analytics\n\n  - Detect Vulnerabilities: Remediate code issues 100x faster.\n  - Security Visibility: Manage risk across applications.\n  - Data Analysis: Visibility in development environments.\n  - Secure Strategy: Avoid cyber risks.\n\nFeatures:\n\n  - Scans: Comprehensive stack analysis.\n  - Analytics: Insights from vulnerability metrics.\n  - Workflow: Manage issues via Jira.\n  - AI Remediation: Enhance code security.\n","short_description":"Secure your software stack with next gen AI","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/17890?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":17890,"state":6,"name":"Sudoviz","slug":"sudoviz","short_description":"Secure your software stack with next gen AI","full_description":"# Sudoviz: Security & Analytics\n- **Detect Vulnerabilities**: Remediate code issues 100x faster.\n- **Security Visibility**: Manage risk across applications.\n- **Data Analysis**: Visibility in development environments.\n- **Secure Strategy**: Avoid cyber risks.\n\n### Features:\n- **Scans**: Comprehensive stack analysis.\n- **Analytics**: Insights from vulnerability metrics.\n- **Workflow**: Manage issues via Jira.\n- **AI Remediation**: Enhance code security.\n","extended_description":"# Sudoviz: Enhanced Security & Analytics Solutions\n\n## Core Features:\n\n- **Rapid Vulnerability Detection**: Accelerate issue identification and remediation by 100 times.\n- **Comprehensive Security Oversight**: Oversee and mitigate risks throughout your entire software portfolio.\n- **Persistent Data Analysis**: Maintain continuous oversight across essential development zones.\n- **Proactive Risk Management**: Navigate away from hidden cyber threats and vulnerabilities.\n\n### Detailed Functionality:\n\n- **Vulnerability Scans**: Initiate thorough examinations of your software stack, identifying and analyzing potential security risks.\n- **Results Analysis**: Explore vulnerabilities using an intuitive dashboard to make strategic security decisions.\n- **Workflow Optimization**: Streamline issue management with integrated Jira ticket creation for effective collaboration.\n- **AI-Assisted Solutions**: Utilize AI for precise false positive analysis and to recommend robust security measures.","primary_category_id":6,"secondary_category_id":39,"privacy_policy_url":"https://www.sudoviz.com/","tos_url":"https://www.sudoviz.com/","company_url":"https://www.sudoviz.com/","status_url":"https://www.sudoviz.com/","support_url":"https://www.sudoviz.com/contact","documentation_url":"https://www.sudoviz.com/","pricing_url":null,"bgcolor":"ffffff","light_text":true,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":0,"technical_email":"support@sudoviz.com","marketing_email":"support@sudoviz.com","finance_email":"support@sudoviz.com","direct_billing_enabled":false,"by_github":false,"security_email":"support@sudoviz.com","listable_type":"Integration","listable_id":880429,"copilot_app":false}}},{"type":"marketplace_listing","id":"14937","state":"unverified","name":"InfieldAI","free":false,"primary_category":"Dependency management","secondary_category":"Security","is_verified_owner":false,"slug":"infieldai","owner_login":"infieldai","resource_path":"/marketplace/infieldai","installation_count":73,"full_description":"Drowning in open upgrade PRs?\n\nWe researched, parsed, and validated thousands of open source changelogs so you can upgrade quickly and safely.\n","short_description":"Upgrade dependencies safely and easily with Infield-verified changelogs","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/14937?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":14937,"state":6,"name":"InfieldAI","slug":"infieldai","short_description":"Upgrade dependencies safely and easily with Infield-verified changelogs","full_description":"### Drowning in open upgrade PRs? \nWe researched, parsed, and validated thousands of open source changelogs so you can upgrade quickly and safely.\n\n\n\n","extended_description":"### Upgrade safely\nWe've parsed the changelog, categorized the changes, and evaluated each change's potential to break your app. \n\n### Increase Visibility\nSort and filter your dependencies to see which ones are stale, abandoned, or high risk. \n\n### Minimize Toil\nMake your upgrade work more efficient with Infield's automatic changelog research and impact analysis.\n\nQuestions? Reach out to InfieldAI founders directly at [founders@infield.ai](founders@infield.ai).","primary_category_id":11,"secondary_category_id":6,"privacy_policy_url":"https://www.infield.ai/privacy","tos_url":"https://www.infield.ai/terms","company_url":"https://www.infield.ai/","status_url":"","support_url":"support@infield.ai","documentation_url":"","pricing_url":null,"bgcolor":"ffffff","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":3708,"technical_email":"steve@infield.ai","marketing_email":"andrew@infield.ai","finance_email":"allison@infield.ai","direct_billing_enabled":false,"by_github":false,"security_email":"steve@infield.ai","listable_type":"Integration","listable_id":300994,"copilot_app":false}}},{"type":"marketplace_listing","id":"13233","state":"unverified","name":"Threatrix","free":true,"primary_category":"Security","secondary_category":"Dependency management","is_verified_owner":true,"slug":"threatrix","owner_login":"threatrix","resource_path":"/marketplace/threatrix","installation_count":38,"full_description":"Graduate To Threatrix\n\nThreatrix is the first-to-market, cost-effective solution, providing continual license compliance and automated\nsecurity, allowing organizations to determine their exposure to open source risks with one solution. Actionable results\ndrive measurable reductions in risk, saving organizations developer time and costly remediation efforts for compliance\nteams.\n\nThreatrix provides hyper-accurate, audit quality results with its first-to-market technology.\n","short_description":"Audit quality, snippet level, open source security and license compliance in build-time with auto-remediation","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/13233?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":13233,"state":6,"name":"Threatrix","slug":"threatrix","short_description":"Audit quality, snippet level, open source security and license compliance in build-time with auto-remediation","full_description":"## Graduate To Threatrix\nThreatrix is the first-to-market, cost-effective solution, providing continual license compliance and automated security, allowing organizations to determine their exposure to open source risks with one solution. Actionable results drive measurable reductions in risk, saving organizations developer time and costly remediation efforts for compliance teams.\n\nThreatrix provides hyper-accurate, audit quality results with its first-to-market technology.","extended_description":"Nearly four years of research and development have culminated in the creation of our core technologies. Threatrix Origin Tracing technology ensures the most accurate open source match results producing immediately actionable data from build time scans.\n\nWith support for more than 400 languages and growing every day, Threatrix encompasses, by far, the broadest coverage of any tool in the market.\n\n### Continuous Security\nThreatrix continuously scans your repositories for security vulnerabilities and creates fix requests for the next or latest security versions of components.\n\n### Continuous Compliance\nThreatrix produces hyper-accurate results in minutes allowing your team to perform continuous triage of license issues to stay ahead of open source risks. VCs are using Threatrix to determine risks with their investments. Failing to comply with all of your open source licenses may kill your next funding round.\n\n","primary_category_id":6,"secondary_category_id":11,"privacy_policy_url":"https://threatrix.io/privacy","tos_url":"https://threatrix.io/terms","company_url":"https://threatrix.io/","status_url":"","support_url":"support@threatrix.io","documentation_url":"https://docs.threatrix.io/","pricing_url":null,"bgcolor":"ffffff","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":0,"technical_email":"john@threatrix.io","marketing_email":"kristen@threatrix.io","finance_email":"john@threatrix.io","direct_billing_enabled":false,"by_github":false,"security_email":"john@threatrix.io","listable_type":"Integration","listable_id":220916,"copilot_app":false}}},{"type":"marketplace_listing","id":"16139","state":"unverified","name":"EdgeBit Security","free":true,"primary_category":"Security","secondary_category":"Dependency management","is_verified_owner":false,"slug":"edgebit-security","owner_login":"edgebitio","resource_path":"/marketplace/edgebit-security","installation_count":13,"full_description":"Prevent insecure dependencies before they can merge. Track and remediate vulnerabilities in your entire supply chain.\n\nEdgeBit is a real-time SCA tool that uses data about how your app executes in production to filter out irrelevant\nvulnerabilities and dormant code.\n","short_description":"Real-time SCA tool to find issues in your supply chain and rank threats with context from production execution","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/16139?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":16139,"state":6,"name":"EdgeBit Security","slug":"edgebit-security","short_description":"Real-time SCA tool to find issues in your supply chain and rank threats with context from production execution","full_description":"**Prevent insecure dependencies before they can merge. Track and remediate vulnerabilities in your entire supply chain.**\n\nEdgeBit is a [real-time SCA tool](https://edgebit.io/solutions/vulnerability-management/?utm_source=github) that uses data about how your app executes in production to filter out irrelevant vulnerabilities and dormant code.\n\n","extended_description":" - **Detection in Pull Request**: Identify risks in new dependencies right in a PR\n - **Prioritized CVEs**: Ruthlessly prioritize issues to fix based on real-time context\n - **Supply Chain Inventory**: Track dependency track usage across your software components\n - **Generate SBOMs automatically**: SBOMs for compliance artifacts\n \n Dependencies for software products are exploding in number and with that comes a sprawling supply chain. A supply chain isn't just a build-time check, it's highly dynamic.\n\nEdgeBit watches in real time — we cross-reference your build pipelines here on GitHub and server fleet with multiple data sources to communicate your live inventory and actual risk.","primary_category_id":6,"secondary_category_id":11,"privacy_policy_url":"https://edgebit.io/legal/privacy/","tos_url":"https://edgebit.io/legal/terms/","company_url":"https://edgebit.io","status_url":"https://status.edgebit.io","support_url":"https://edgebit.io/support/","documentation_url":"https://edgebit.io/docs/0.x/","pricing_url":null,"bgcolor":"fff","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":0,"technical_email":"eugene@edgebit.io","marketing_email":"founders@edgebit.io","finance_email":"rob@edgebit.io","direct_billing_enabled":false,"by_github":false,"security_email":"security@edgebit.io","listable_type":"Integration","listable_id":357519,"copilot_app":false}}},{"type":"marketplace_listing","id":"17829","state":"unverified","name":"Minder by Stacklok","free":true,"primary_category":"Security","secondary_category":"Code quality","is_verified_owner":false,"slug":"minder-by-stacklok","owner_login":"stacklok","resource_path":"/marketplace/minder-by-stacklok","installation_count":61,"full_description":"Minder by Stacklok is an open source and extensible platform that helps OSS maintainers and project owners consistently\nprotect their code repos, build pipelines, and artifacts from malicious attacks.\n","short_description":"An open source, extensible platform that helps you enforce security policies and settings across your GitHub organization","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/17829?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":17829,"state":6,"name":"Minder by Stacklok","slug":"minder-by-stacklok","short_description":"An open source, extensible platform that helps you enforce security policies and settings across your GitHub organization","full_description":"Minder by Stacklok is an open source and extensible platform that helps OSS maintainers and project owners consistently protect their code repos, build pipelines, and artifacts from malicious attacks.","extended_description":"# Minder Features\n\n### Repository configuration and security\n\nMost development teams have multiple repos—averaging 6x the number of developers. Minder helps you simplify configuration and management of security policies and settings across multiple project repos.\n\n### Proactive security enforcement\n\nContinuously enforce security best practices like secret scanning, branch protections, artifact signing and more by setting granular policies to alert or auto-remediate.\n\n### Artifact attestation\n\nMake sure your artifacts are tamper-proof by setting a policy to verify that all artifacts are signed using Sigstore, and display signature and verification status for those artifacts.\n\n### Dependency and license management\n\nManage your dependency security posture and supported licenses by helping developers make better choices and enforcing controls. Minder integrates with [Trusty](https://stacklok.com/trusty) to enable policy-driven management based on dependency risk level.","primary_category_id":6,"secondary_category_id":12,"privacy_policy_url":"https://www.iubenda.com/privacy-policy/85152077","tos_url":"","company_url":"https://stacklok.com/","status_url":"https://status.stacklok.com/","support_url":"https://docs.stacklok.com/minder/about/faq#how-do-i-get-support-for-minder","documentation_url":"https://docs.stacklok.com/minder/","pricing_url":null,"bgcolor":"ffffff","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":0,"technical_email":"info@stacklok.com","marketing_email":"marketing@stacklock.com","finance_email":"accountspayable@stacklok.com","direct_billing_enabled":false,"by_github":false,"security_email":"security@stacklok.com","listable_type":"Integration","listable_id":863270,"copilot_app":false}}},{"type":"marketplace_listing","id":"17634","state":"unverified","name":"Puaro Security","free":true,"primary_category":"Security","secondary_category":"Continuous integration","is_verified_owner":true,"slug":"puaro-security","owner_login":"puaro-app","resource_path":"/marketplace/puaro-security","installation_count":3,"full_description":"Puaro Security provides a simple-to-use platform to detect and eliminate secrets in your code\n","short_description":"Secure your code today","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/17634?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":17634,"state":6,"name":"Puaro Security","slug":"puaro-security","short_description":"Secure your code today","full_description":"Puaro Security provides a simple-to-use platform to detect and eliminate secrets in your code","extended_description":"- Integrate Puaro easily into your source control system as part of CI/CD pipelines, ensure continuous scanning of your code, without the need to configure or maintain Puaro on your side.\n- Gets a detailed view of secrets found in your code at the PR level and enjoy comprehensive analytics to review security performance metrics.\n\n[Schedule a demo and learn more](https://puaro.io/contact-us)!","primary_category_id":6,"secondary_category_id":2,"privacy_policy_url":"https://puaro.io/legal/privacy","tos_url":"https://puaro.io/legal/terms-of-use","company_url":"https://puaro.io","status_url":"","support_url":"https://puaro.io","documentation_url":"","pricing_url":null,"bgcolor":"ffffff","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":0,"technical_email":"info@puaro.io","marketing_email":"info@puaro.io","finance_email":"info@puaro.io","direct_billing_enabled":false,"by_github":false,"security_email":"info@puaro.io","listable_type":"Integration","listable_id":856884,"copilot_app":false}}}],"total":11,"total_pages":1},"categories":{"apps":[{"name":"API management","slug":"api-management","description_html":"<p>Structure your API infrastructure to enable various internet gateways to interact with your service.</p>\n"},{"name":"Backup Utilities","slug":"backup-utilities","description_html":"<p>Utilities providing periodic backups of your GitHub data</p>\n"},{"name":"Chat","slug":"chat","description_html":"<p>Bring GitHub into your conversations.</p>\n"},{"name":"Code quality","slug":"code-quality","description_html":"<p>Automate your code review with style, quality, security, and test‑coverage checks when you need them.</p>\n"},{"name":"Code review","slug":"code-review","description_html":"<p>Ensure your code meets quality standards and ship with confidence.</p>\n"},{"name":"Container CI","slug":"container-ci","description_html":"<p>Continuous integration for container applications.</p>\n"},{"name":"Continuous integration","slug":"continuous-integration","description_html":"<p>Automatically build and test your code as you push it to GitHub, preventing bugs from being deployed to production.</p>\n"},{"name":"Dependency management","slug":"dependency-management","description_html":"<p>Secure and manage your third-party dependencies.</p>\n"},{"name":"Deployment","slug":"deployment","description_html":"<p>Streamline your code deployment so you can focus on your product.</p>\n"},{"name":"Deployment Protection Rules","slug":"deployment-protection-rules","description_html":"<p>Enables custom protection rules to gate deployments with third-party services</p>\n"},{"name":"Game CI","slug":"game-ci","description_html":"<p>Tools for building a CI pipeline for game development</p>\n"},{"name":"IDEs","slug":"ides","description_html":"<p>Find the right interface to build, debug, and deploy your source code.</p>\n"},{"name":"Learning","slug":"learning","description_html":"<p>Get the skills you need to level up.</p>\n"},{"name":"Localization","slug":"localization","description_html":"<p>Extend your software's reach. Localize and translate continuously from GitHub.</p>\n"},{"name":"Mobile","slug":"mobile","description_html":"<p>Improve your workflow for the small screen.</p>\n"},{"name":"Mobile CI","slug":"mobile-ci","description_html":"<p>Continuous integration for Mobile applications</p>\n"},{"name":"Monitoring","slug":"monitoring","description_html":"<p>Monitor the impact of your code changes. Measure performance, track errors, and analyze your application.</p>\n"},{"name":"Project management","slug":"project-management","description_html":"<p>Organize, manage, and track your project with tools that build on top of issues and pull requests.</p>\n"},{"name":"Publishing","slug":"publishing","description_html":"<p>Get your site ready for production so you can get the word out.</p>\n"},{"name":"Recently added","slug":"recently-added","description_html":"<p>The latest tools that help you and your team build software better, together.</p>\n"},{"name":"Security","slug":"security","description_html":"<p>Find, fix, and prevent security vulnerabilities before they can be exploited.</p>\n"},{"name":"Support","slug":"support","description_html":"<p>Get your team and customers the help they need.</p>\n"},{"name":"Testing","slug":"testing","description_html":"<p>Eliminate bugs and ship with more confidence by adding these tools to your workflow.</p>\n"},{"name":"Utilities","slug":"utilities","description_html":"<p>Auxiliary tools to enhance your experience on GitHub</p>\n"}],"actions":[{"name":"API management","slug":"api-management","description_html":"<p>Structure your API infrastructure to enable various internet gateways to interact with your service.</p>\n"},{"name":"Backup Utilities","slug":"backup-utilities","description_html":"<p>Utilities providing periodic backups of your GitHub data</p>\n"},{"name":"Chat","slug":"chat","description_html":"<p>Bring GitHub into your conversations.</p>\n"},{"name":"Code quality","slug":"code-quality","description_html":"<p>Automate your code review with style, quality, security, and test‑coverage checks when you need them.</p>\n"},{"name":"Code review","slug":"code-review","description_html":"<p>Ensure your code meets quality standards and ship with confidence.</p>\n"},{"name":"Container CI","slug":"container-ci","description_html":"<p>Continuous integration for container applications.</p>\n"},{"name":"Continuous integration","slug":"continuous-integration","description_html":"<p>Automatically build and test your code as you push it to GitHub, preventing bugs from being deployed to production.</p>\n"},{"name":"Dependency management","slug":"dependency-management","description_html":"<p>Secure and manage your third-party dependencies.</p>\n"},{"name":"Deployment","slug":"deployment","description_html":"<p>Streamline your code deployment so you can focus on your product.</p>\n"},{"name":"Deployment Protection Rules","slug":"deployment-protection-rules","description_html":"<p>Enables custom protection rules to gate deployments with third-party services</p>\n"},{"name":"Game CI","slug":"game-ci","description_html":"<p>Tools for building a CI pipeline for game development</p>\n"},{"name":"GitHub Sponsors","slug":"github-sponsors","description_html":"<p>Tools to manage your <a href=\"https://github.com/sponsors\">GitHub Sponsors</a> community</p>\n"},{"name":"IDEs","slug":"ides","description_html":"<p>Find the right interface to build, debug, and deploy your source code.</p>\n"},{"name":"Learning","slug":"learning","description_html":"<p>Get the skills you need to level up.</p>\n"},{"name":"Localization","slug":"localization","description_html":"<p>Extend your software's reach. Localize and translate continuously from GitHub.</p>\n"},{"name":"Mobile","slug":"mobile","description_html":"<p>Improve your workflow for the small screen.</p>\n"},{"name":"Mobile CI","slug":"mobile-ci","description_html":"<p>Continuous integration for Mobile applications</p>\n"},{"name":"Monitoring","slug":"monitoring","description_html":"<p>Monitor the impact of your code changes. Measure performance, track errors, and analyze your application.</p>\n"},{"name":"Project management","slug":"project-management","description_html":"<p>Organize, manage, and track your project with tools that build on top of issues and pull requests.</p>\n"},{"name":"Publishing","slug":"publishing","description_html":"<p>Get your site ready for production so you can get the word out.</p>\n"},{"name":"Security","slug":"security","description_html":"<p>Find, fix, and prevent security vulnerabilities before they can be exploited.</p>\n"},{"name":"Support","slug":"support","description_html":"<p>Get your team and customers the help they need.</p>\n"},{"name":"Testing","slug":"testing","description_html":"<p>Eliminate bugs and ship with more confidence by adding these tools to your workflow.</p>\n"},{"name":"Utilities","slug":"utilities","description_html":"<p>Auxiliary tools to enhance your experience on GitHub</p>\n"}]}},"title":"Marketplace"}