![\"Supported](\"https://gallery.mailchimp.com/6c07c586e98eabf488f8ee14f/images/ee5bf0d2-a37a-43c7-b4ed-57a1d4e2fa42.png\")
\n\nWe currently support **static code analysis** and/or **vulnerable dependencies checks** for 20+ programming languages. GuardRails can also be used on any kind of repositories to prevent secrets leakage thanks to our **secrets detection** engines. \n\nGuardRails works out of the box, _no configuration required_. However, if you want a custom experience, please refer to our documentation for the [configuration](https://docs.guardrails.io/docs/configuration) options. For example, you can **integrate GuardRails with Slack** to get the right notifications right where you want them.","primary_category_id":6,"secondary_category_id":2,"privacy_policy_url":"https://www.guardrails.io/privacy","tos_url":"https://www.guardrails.io/docs/en/terms","company_url":"https://www.guardrails.io","status_url":"https://guardrailsio.statuspage.io/","support_url":"https://support.guardrails.io","documentation_url":"https://docs.guardrails.io","pricing_url":null,"bgcolor":"fff","light_text":true,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":1042,"technical_email":"yamil@guardrails.io","marketing_email":"stefan@guardrails.io","finance_email":"sales@guardrails.io","direct_billing_enabled":false,"by_github":false,"security_email":"security@guardrails.io","listable_type":"Integration","listable_id":5512,"copilot_app":false}}},{"type":"marketplace_listing","id":"3768","state":"unverified","name":"Debricked","free":false,"primary_category":"Security","secondary_category":"Dependency management","is_verified_owner":true,"slug":"debricked","owner_login":"debricked","resource_path":"/marketplace/debricked","installation_count":2373,"full_description":"Debricked s tool allows you to discover known vulnerabilities in your open source-libraries in an early stage of your\ndevelopment process. Identify, fix and prevent open source vulnerabilities automatically with enforceable pipeline\nrules. Spend less time on manual security research and fixes; let Debricked do the work for you.\n\nDebricked is free for all open source projects!\n","short_description":"Automatically identify, fix and prevent vulnerabilities in your open source dependencies","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/3768?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":3768,"state":6,"name":"Debricked","slug":"debricked","short_description":"Automatically identify, fix and prevent vulnerabilities in your open source dependencies","full_description":"Debricked's tool allows you to discover known vulnerabilities in your open source-libraries in an early stage of your development process. **Identify**, **fix** and **prevent** open source vulnerabilities automatically with enforceable pipeline rules. Spend less time on manual security research and fixes; let Debricked do the work for you. \n\n**Debricked is free for all open source projects!** \n\n\n\n\n\n","extended_description":"Debricked makes it easy to maintain a good state of security in your project. \n\nThe tool allows you to:\n\n- Detect vulnerabilities in your direct and indirect dependencies\n- Integrate seamlessly with other systems used in your everyday workflow\n- Prioritise with the help of our own score, debAI, and make informed decisions \n- Fix vulnerabilities using our suggestions and advise as well as pull requests\n- Prevent dependencies with severe vulnerabilities from entry using automated rules\n- Prevent using dependencies with incompatible licenses\n\nWe support a [wide range of languages and package managers](https://debricked.com/documentation/language-support/), and more are being added as we go!\n\n","primary_category_id":6,"secondary_category_id":11,"privacy_policy_url":"https://debricked.com/privacy-policy/?utm_source=github&utm_medium=marketplace&utm_campaign=github-marketplace","tos_url":"https://debricked.com/terms-and-conditions/?utm_source=github&utm_medium=marketplace&utm_campaign=github-marketplace","company_url":"https://debricked.com/?utm_source=github&utm_medium=marketplace&utm_campaign=github-marketplace","status_url":"","support_url":"https://debricked.com/contact/?utm_source=github&utm_medium=marketplace&utm_campaign=github-marketplace","documentation_url":"https://debricked.com/documentation/1.0/integrations/ci-build-systems/github?utm_source=github&utm_medium=marketplace&utm_campaign=github-marketplace","pricing_url":null,"bgcolor":"0d1840","light_text":true,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":2763,"technical_email":"oscar.reimer@debricked.com","marketing_email":"joanna.qvarnstrom@debricked.com","finance_email":"daniel.wisenhoff@debricked.com","direct_billing_enabled":false,"by_github":false,"security_email":"martin.hell@debricked.com","listable_type":"Integration","listable_id":24490,"copilot_app":false}}},{"type":"marketplace_listing","id":"11060","state":"unverified","name":"Prisma Cloud Code Security","free":true,"primary_category":"Security","secondary_category":"Code Scanning Ready","is_verified_owner":true,"slug":"prisma-cloud-code-security","owner_login":"bridgecrewio","resource_path":"/marketplace/prisma-cloud-code-security","installation_count":2345,"full_description":"A single tool for securing IaC, container images and open source software across all modern architectures and software\nsupply chains\n","short_description":"A single tool for securing IaC, container images and open source software across all modern architectures and software supply","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/11060?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":11060,"state":6,"name":"Prisma Cloud Code Security","slug":"prisma-cloud-code-security","short_description":"A single tool for securing IaC, container images and open source software across all modern architectures and software supply","full_description":"A single tool for securing IaC, container images and open source software across all modern architectures and software supply chains","extended_description":"Prisma Cloud embeds comprehensive security across the software development cycle. The platform identifies vulnerabilities, misconfigurations and compliance violations in IaC templates, container images, open source packages and delivery pipelines. It offers misconfiguration scanning backed by an open source community and vulnerability analysis backed by years of expertise and threat research. With connected visibility and policy controls, engineering teams can secure their full stack without leaving their tools, while security teams can ensure that all deployed code is secure.","primary_category_id":6,"secondary_category_id":42,"privacy_policy_url":"https://www.paloaltonetworks.com/legal-notices/privacy","tos_url":"https://www.prismacloud.io/legal-notices/terms-of-use","company_url":"https://www.prismacloud.io/","status_url":"","support_url":"https://support.paloaltonetworks.com/","documentation_url":"https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-code-security/get-started/connect-your-repositories/add-github","pricing_url":null,"bgcolor":"ffffff","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":0,"technical_email":"toferregev@paloaltonetworks.com","marketing_email":"poneal@paloaltonetworks.com","finance_email":"kfung@paloaltonetworks.com","direct_billing_enabled":false,"by_github":false,"security_email":"ngabay@paloaltonetworks.com","listable_type":"Integration","listable_id":135857,"copilot_app":false}}},{"type":"marketplace_listing","id":"16019","state":"unverified","name":"Pixeebot | Automated code fixes.","free":true,"primary_category":"AI Assisted","secondary_category":"Security","is_verified_owner":true,"slug":"pixeebot-automated-code-fixes","owner_login":"pixee","resource_path":"/marketplace/pixeebot-automated-code-fixes","installation_count":1722,"full_description":"Code security is complex work. Let Pixeebot handle it for you.\n\nPixeebot currently supports Java and Python. Install now to get on the waitlist for future languages. ⨠AI features\nenabled by default. Learn more.\n\nJust as Dependabot keeps your dependencies up to date, Pixeebot helps ensure your code is - and stays - secure. Pixeebot\nimmediately starts monitoring your repository and makes suggestions that are easy for your team to absorb.\n","short_description":"Your Automated Product Security Engineer","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/16019?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":16019,"state":6,"name":"Pixeebot | Automated code fixes.","slug":"pixeebot-automated-code-fixes","short_description":"Your Automated Product Security Engineer","full_description":"# Code security is complex work. Let Pixeebot handle it for you.\n\n>Pixeebot currently supports **Java** and **Python**. Install now to get on the waitlist for future languages. ⨠AI features enabled by default. [Learn more](https://docs.pixee.ai/faqs/).\n\nJust as Dependabot keeps your dependencies up to date, Pixeebot helps ensure your code is - and stays - secure. Pixeebot immediately starts monitoring your repository and makes suggestions that are easy for your team to absorb.","extended_description":"### Pixeebot is not a code scanner, and itâs not going to send you reports. It just hardens your code and fixes stuff.\nNo findings to review, just PRs to accept+merge!\n\n### Harden code continuously\nEvery week, Pixeebot sends a pull request to your default branch with suggested security improvements. Even summon Pixeebot with **@pixeebot next** if youâre ready for more.\n\n### Fix vulnerabilities\nPixeebot also reviews results from your SAST code scanners and auto-remediates whenever possible. All you have to do is approve!\n\n### Uplevel security with PR tune-ups\nEach new pull request your team creates gets automatic feedback from Pixeebot, whether itâs confirmation that everything looks good, or a PR with suggestions. No reports, just actual code fixes you can merge in one step.\n\n### We keep up to date on security best practices, so you donât have to\nOur security experts stay on top of the latest research to make sure youâre protected from all the latest security threats.","primary_category_id":39,"secondary_category_id":6,"privacy_policy_url":"https://pixee.ai/privacy","tos_url":"https://pixee.ai/terms","company_url":"https://pixee.ai","status_url":"https://docs.pixee.ai/status","support_url":"https://docs.pixee.ai","documentation_url":"https://docs.pixee.ai","pricing_url":null,"bgcolor":"fbfafb","light_text":true,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":4069,"technical_email":"david@pixee.ai","marketing_email":"surag@pixee.ai","finance_email":"surag@pixee.ai","direct_billing_enabled":false,"by_github":false,"security_email":"david@pixee.ai","listable_type":"Integration","listable_id":193111,"copilot_app":false}}},{"type":"marketplace_listing","id":"14380","state":"unverified","name":"Aikido Security","free":true,"primary_category":"Security","secondary_category":"Open Source management","is_verified_owner":true,"slug":"aikido-security","owner_login":"AikidoSec","resource_path":"/marketplace/aikido-security","installation_count":1666,"full_description":"Connect your GitHub, give read-only access to the repos of your choice, and get an overview of all your security threats\nin one platform. First results in 30 seconds, no joke.\n\nFalse-positive reduced by 95%. That s our secret sauce.\n\nWe cover:\n\n - Open source vulnerabilities\n - Open source licenses reporting audit\n - Cloud (mis)configuration checks\n - Secrets Detection (leaked exposed)\n - Surface Monitoring\n","short_description":"Prevent security issues before they become threats","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/14380?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":14380,"state":6,"name":"Aikido Security","slug":"aikido-security","short_description":"Prevent security issues before they become threats","full_description":"**Connect your GitHub, give read-only access to the repos of your choice, and get an overview of all your security threats in one platform. First results in 30 seconds, no joke.**\n\nFalse-positive reduced by 95%. That's our secret sauce.\n\n**We cover:**\n- Open source vulnerabilities\n- Open source licenses reporting & audit\n- Cloud (mis)configuration checks\n- Secrets Detection (leaked & exposed)\n- Surface Monitoring","extended_description":"**Only get alerts that matter to you**\nWeâve been there, sifting through massive amounts of security alerts, only a portion of which matter to you. After a while you ignore them, letting them stack up, creating additional risk. Weâll take the sifting off your hands, only notifying you when it matters.\n\n**Deduplication**\nVulnerabilities that affect repositories or clouds across your infrastructure are collapsed and grouped. This reduces alert overload and makes solving issues easier.\n\n**Auto-triage**\nAikido analyzes and monitors your codebase and infrastructure to automatically ignore issues that donât affect you. No more wasted time researching CVEs, only to find out that they donât apply to you.\n\n**Custom rules**\nReduce the noise even further by telling us which paths, packages, etc that arenât critical for us to monitor and we wonât bother you about them. We will still unignore them if they ever become a severe issue.","primary_category_id":6,"secondary_category_id":18,"privacy_policy_url":"https://www.aikido.dev/privacy-policy","tos_url":"https://www.aikido.dev/terms-of-use","company_url":"https://www.aikido.dev/","status_url":"https://status.aikido.dev/","support_url":"https://help.aikido.dev","documentation_url":"https://docs.aikido.dev","pricing_url":null,"bgcolor":"141031","light_text":true,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":3513,"technical_email":"willem@aikido.dev","marketing_email":"felix@aikido.dev","finance_email":"roeland@aikido.dev","direct_billing_enabled":false,"by_github":false,"security_email":"willem@aikido.dev","listable_type":"Integration","listable_id":242558,"copilot_app":false}}},{"type":"marketplace_listing","id":"7316","state":"unverified","name":"Secureframe","free":true,"primary_category":"Security","secondary_category":"Monitoring","is_verified_owner":false,"slug":"secureframe","owner_login":"secureframe","resource_path":"/marketplace/secureframe","installation_count":1102,"full_description":"Secureframe helps hundreds of companies get enterprise ready by streamlining SOC 2 and ISO 27001 compliance. Secureframe\nallows companies to get compliant within weeks, rather than months and monitors 40+ services, including AWS, GCP, and\nAzure. Secureframe continuously collects audit evidence, runs security awareness training, manages vendors, monitors\ninfrastructure, and more, all automatically.\n","short_description":"Streamline your security compliance","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/7316?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":7316,"state":6,"name":"Secureframe","slug":"secureframe","short_description":"Streamline your security compliance","full_description":"Secureframe helps hundreds of companies get enterprise ready by streamlining SOC 2 and ISO 27001 compliance. Secureframe allows companies to get compliant within weeks, rather than months and monitors 40+ services, including AWS, GCP, and Azure. Secureframe continuously collects audit evidence, runs security awareness training, manages vendors, monitors infrastructure, and more, all automatically.","extended_description":"Our team of compliance experts and auditors are happy to help answer any questions and give you an overview of SOC 2 or ISO 27001, even if you don't need it today!\n\nOur customers save an average of 50% on their audit costs and hundreds of hours of their time. [Schedule a demo and learn how](https://secureframe.com/request-demo)!","primary_category_id":6,"secondary_category_id":14,"privacy_policy_url":"https://secureframe.com/privacy","tos_url":"https://secureframe.com/terms","company_url":"https://secureframe.com/","status_url":"https://status.secureframe.com/","support_url":"https://secureframe.com/support","documentation_url":"","pricing_url":null,"bgcolor":"ffffff","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":2220,"technical_email":"engineering@secureframe.com","marketing_email":"sales@secureframe.com","finance_email":"finance@secureframe.com","direct_billing_enabled":false,"by_github":false,"security_email":"security@secureframe.com","listable_type":"Integration","listable_id":66019,"copilot_app":false}}},{"type":"marketplace_listing","id":"9823","state":"verified","name":"GitProtect.io FREE Backup for GitHub","free":false,"primary_category":"Backup Utilities","secondary_category":"Security","is_verified_owner":true,"slug":"gitprotect-io","owner_login":"xoperosoftware","resource_path":"/marketplace/gitprotect-io","installation_count":1044,"full_description":"The ultimate GitHub Backup DR trusted by thousands of organizations - NHS, HEMA, RED, Netguru more.\n\nâI worked with other backup products and never felt comfortable that the backup plan was going to work as expectedâ -\nThe Wharton School\n\nBenefits:\n\n - Automatic backup of repos, metadata, LFS\n - #1 Disaster Recovery\n - Any storage - free cloud included or your own on-prem/S3/any cloud\n - Ransomware Protection\n - SOC 2 audited, best-in-class security\n","short_description":"Automatic, daily repo and metadata backup - no maintenance needed: fast restore, DR, AWS, and S3 cloud storage support","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/9823?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":9823,"state":3,"name":"GitProtect.io FREE Backup for GitHub","slug":"gitprotect-io","short_description":"Automatic, daily repo and metadata backup - no maintenance needed: fast restore, DR, AWS, and S3 cloud storage support","full_description":"**The ultimate[ GitHub Backup](https://gitprotect.io/github.html) & DR trusted by thousands of organizations** - NHS, HEMA, RED, Netguru & more.\n\nâ_I worked with other backup products and never felt comfortable that the backup plan was going to work as expected_â - The Wharton School\n\n**Benefits:**\n\n- Automatic backup of repos, metadata, LFS\n- #1 Disaster Recovery\n- Any storage - free cloud included or your own on-prem/S3/any cloud\n- Ransomware Protection\n- SOC 2 audited, best-in-class security","extended_description":"### Key features\n\n**Fast setup**\nAutomatic GitHub backup on schedule/on-demand\n\n**Repos & Metadata Backup**\nProtect the entire GitHub account- repos, LFS, all metadata -pull requests, issues, wikis, & more\n\n**Multi-storage for replication, not sync**\nUse free cloud storage included, or bring your on-prem/cloud, i.e. AWS S3, Azure, Google & more for replication and 3-2-1 backup\n\n**#1 Disaster Recovery**\nGranular restore or instant Disaster Recovery to many destinations - same/new account, local machine, other platforms\n\n**Ransomware Protection** \nBackup is last line of defense, so we made it ransomware-proof\n\n**ISO/SOC 2 compliance**\nAES257 encryption, own key, audit-ready reports, **best security proven by SOC 2**\n\n**Enterprise-class features**\nUnlimited retention, GFS, multitenancy& [all features](https://gitprotect.io/github-cheat-sheet.pdf)\n\nâď¸ [Book Demo](https://calendly.com/d/3s9-n9z-pgc/gitprotect-live-demo?utm_medium=marketplace&utm_source=gitprotect%20github&utm_campaign=demo)","primary_category_id":41,"secondary_category_id":6,"privacy_policy_url":"https://xopero.com/data-protection-policy/","tos_url":"https://xopero.com/terms/terms-of-service/","company_url":"https://xopero.com/","status_url":"","support_url":"https://support.xopero.com/hc/en-us/requests/new","documentation_url":"","pricing_url":null,"bgcolor":"ffffff","light_text":true,"learn_more_url":null,"installation_url":"https://one.xopero.com/api/github/marketplace","how_it_works":null,"hero_card_background_image_id":2483,"technical_email":"g.bak@xopero.com","marketing_email":"g.bak@xopero.com","finance_email":"sales@xopero.com","direct_billing_enabled":false,"by_github":false,"security_email":"g.bak@xopero.com","listable_type":"OauthApplication","listable_id":1617854,"copilot_app":false}}},{"type":"marketplace_listing","id":"7736","state":"verified","name":"Cloudback: GitHub Backup & Restore","free":false,"primary_category":"Security","secondary_category":"Backup Utilities","is_verified_owner":true,"slug":"cloudback","owner_login":"cloudback","resource_path":"/marketplace/cloudback","installation_count":998,"full_description":"Cloudback secures your GitHub repositories with recurrent data backups\n\n - SOC2 in progress\n - Automatic backups\n - Self-sufficient password-protected ZIP archives with AES-256 encryption\n - Customer storages: S3, OneDrive, Azure, GCP, Wasabi, Alibaba, etc\n - Cloudback storages: USA, EU, UK, Asia\n - Data deduplication\n - Backup replication\n - Audit log\n - Instant email and messenger notifications: Slack, MS Teams, Discord\n - AWS S3 Object Lock and Tag Support\n - And more\n","short_description":"Backup repositories, metadata and LFS into AWS, Azure, OneDrive, GCP, etc. Pay per repositories, not seats. SOC2 in progress","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/7736?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":7736,"state":3,"name":"Cloudback: GitHub Backup & Restore","slug":"cloudback","short_description":"Backup repositories, metadata and LFS into AWS, Azure, OneDrive, GCP, etc. Pay per repositories, not seats. SOC2 in progress","full_description":"Cloudback secures your GitHub repositories with recurrent data backups\n- SOC2 in progress\n- Automatic backups\n- Self-sufficient password-protected ZIP archives with AES-256 encryption\n- Customer storages: S3, OneDrive, Azure, GCP, Wasabi, Alibaba, etc\n- Cloudback storages: USA, EU, UK, Asia\n- Data deduplication\n- Backup replication\n- Audit log\n- Instant email and messenger notifications: Slack, MS Teams, Discord\n- AWS S3 Object Lock and Tag Support\n- And [more](https://cloudback.it/pricing#all)","extended_description":"## Features\nWe offer the most comprehensive backup on the market. Cloudback lets you store all the information you need to restore the entire repository in the event of a disaster. Back up the GitHub repository code, issues, labels, comments, milestones, etc. \n\n### Customer-managed storages\n - Microsoft Azure Blob Storage\n - Microsoft OneDrive\n - Amazon S3\n - Google Cloud Storage\n - Alibaba Cloud Object Storage\n - OpenStack Swift\n\n### Customer-managed encryption keys\n- Coming soon\n \n### Cloudback-managed storages\n - US, EU, UK, Sidney, Singapore\n\n### Data deduplication \n- Reduce storage costs while using your own storage. [Learn more](https://cloudback.it/docs/deduplication).\n\n### Backup replication\n- Leverage composite storages to replicate backups across multiple locations.\n\n### Fair pricing\n- Pay per repository, not seats. \n- All features included, no matter the plan.\n\n### And more\n- Learn more about Cloudback features in our [docs](https://cloudback.it/docs/what-is-cloudback).","primary_category_id":6,"secondary_category_id":41,"privacy_policy_url":"https://cloudback.it/docs/privacy","tos_url":"https://cloudback.it/docs/terms","company_url":"https://cloudback.it/","status_url":"","support_url":"https://cloudback.it/contact","documentation_url":"https://cloudback.it/docs/what-is-cloudback","pricing_url":null,"bgcolor":"ffffff","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":1921,"technical_email":"team@cloudback.it","marketing_email":"team@cloudback.it","finance_email":"team@cloudback.it","direct_billing_enabled":false,"by_github":false,"security_email":"team@cloudback.it","listable_type":"Integration","listable_id":74074,"copilot_app":false}}},{"type":"marketplace_listing","id":"8329","state":"unverified","name":"Secure Code Warrior for GitHub","free":true,"primary_category":"Security","secondary_category":"Learning","is_verified_owner":true,"slug":"secure-code-warrior-for-github","owner_login":"SecureCodeWarrior","resource_path":"/marketplace/secure-code-warrior-for-github","installation_count":823,"full_description":"Secure Code Warrior for GitHub brings secure coding learning to GitHub, making it easier for you to access the highly\nrelevant learning resources when you need them. Available in a number of programming languages and frameworks, these\nresources are fetched from our Learning Platform based on the vulnerability descriptions found in issues and pull\nrequests. Only the most relevant learning resources are added as comments - making learning a part of the developers\nconversations in GitHub.\n","short_description":"Resolve vulnerabilities faster with highly relevant in-app secure coding learning","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/8329?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":8329,"state":6,"name":"Secure Code Warrior for GitHub","slug":"secure-code-warrior-for-github","short_description":"Resolve vulnerabilities faster with highly relevant in-app secure coding learning","full_description":"Secure Code Warrior for GitHub brings secure coding learning to GitHub, making it easier for you to access the highly relevant learning resources when you need them. Available in a number of programming languages and frameworks, these resources are fetched from our Learning Platform based on the vulnerability descriptions found in issues and pull requests. Only the most relevant learning resources are added as comments - making learning a part of the developers' conversations in GitHub. ","extended_description":"### Get the help you need at the right time\nWhen a vulnerability issue is assigned to a developer, they are given help - in the form of learning content in comments - to resolve the issue. We call this contextual learning - bite-sized and highly relevant to the vulnerability in question.\n\n### Uses CWE or OWASP references to identify content\nThis app will serve training content based on Common Weakness Enumeration (CWE) or Open Web Application Security Project (OWASP) references identified in the issue or pull request title, body, labels, or comments. This has been designed to work with several popular security tools that can be configured to push findings into GitHub issues with these references automatically. The app will also search pull request status check output for these references and is compatible with GitHub CodeQL Code Scanning. If no references are included, this app will fall back to searching for common vulnerability names and phrases.","primary_category_id":6,"secondary_category_id":28,"privacy_policy_url":"https://securecodewarrior.com/privacy-policy","tos_url":"","company_url":"https://securecodewarrior.com","status_url":"","support_url":"https://help.securecodewarrior.com","documentation_url":"https://help.securecodewarrior.com/hc/en-us/articles/900001737346-Secure-Code-Warrior-for-Github-Issues-Configuration-Guide","pricing_url":null,"bgcolor":"333e48","light_text":true,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":2048,"technical_email":"marketplace.admin@securecodewarrior.com","marketing_email":"marketplace.admin@securecodewarrior.com","finance_email":"marketplace.admin@securecodewarrior.com","direct_billing_enabled":false,"by_github":false,"security_email":"marketplace.admin@securecodewarrior.com","listable_type":"Integration","listable_id":41816,"copilot_app":false}}},{"type":"marketplace_listing","id":"8916","state":"unverified","name":"BluBracket Community Edition","free":true,"primary_category":"Security","secondary_category":null,"is_verified_owner":true,"slug":"blubracket-community-edition","owner_login":"BluBracket","resource_path":"/marketplace/blubracket-community-edition","installation_count":823,"full_description":"What if code security could be improved with the same techniques we use to improve code quality? Tests and code coverage\nreports integrated in our workflows giving us quick feedback on PRs and in our IDEs have helped us build better, faster,\nand more maintainable code together, and now itâs time to do the same to improve security.\n\nBluBracket is like đ Clippy for code security, butâyou knowânot as annoying and a lot more effective.\n","short_description":"BluBracket is like Clippy for code security, butâyou knowânot as annoying and a lot more effective","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/8916?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":8916,"state":6,"name":"BluBracket Community Edition","slug":"blubracket-community-edition","short_description":"BluBracket is like Clippy for code security, butâyou knowânot as annoying and a lot more effective","full_description":"What if code security could be improved with the same techniques we use to improve code quality? Tests and code coverage reports integrated in our workflows giving us quick feedback on PRs and in our IDEs have helped us build better, faster, and more maintainable code together, and now itâs time to do the same to improve security.\n\nBluBracket is like đ Clippy for code security, butâyou knowânot as annoying and a lot more effective.","extended_description":"đ Benefits\n-----------\n### đââď¸ Stop risks at the source\nEarly and automated feedback on pull requests, via pre-commit hooks, and in our IDEs, where and when we need it.\n### đ Comprehensive risk detection\nComprehensive detection of secrets, PII, non-inclusive language, and infrastructure as code risks in our code, as well as risks related to git access and configuration.\n### đ Find and fix risks already in your code\nClear severity scores and rich tools to filter and slice data so we can see the big picture and find actionable ways to improve code health now.\n### đ Track your code health improvement\nRich reporting to understand the big picture, the details, and track and report our continuous improvement over time.\n### đŚ Fifth element\nSeriously sci-fi risk detection and magical workflow support.","primary_category_id":6,"secondary_category_id":null,"privacy_policy_url":"https://blubracket.com/privacy/","tos_url":"https://blubracket.com/ceterms/","company_url":"https://blubracket.com","status_url":"","support_url":"https://docs.blubracket.com/","documentation_url":"https://docs.blubracket.com/","pricing_url":null,"bgcolor":"1b2199","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":0,"technical_email":"payman@blubracket.com","marketing_email":"ajay@blubracket.com","finance_email":"prakash@blubracket.com","direct_billing_enabled":false,"by_github":false,"security_email":"infraops@blubracket.com","listable_type":"Integration","listable_id":89971,"copilot_app":false}}}],"total":122,"total_pages":7},"categories":{"apps":[{"name":"API management","slug":"api-management","description_html":"Structure your API infrastructure to enable various internet gateways to interact with your service.
\n"},{"name":"Backup Utilities","slug":"backup-utilities","description_html":"Utilities providing periodic backups of your GitHub data
\n"},{"name":"Chat","slug":"chat","description_html":"Bring GitHub into your conversations.
\n"},{"name":"Code quality","slug":"code-quality","description_html":"Automate your code review with style, quality, security, and testâcoverage checks when you need them.
\n"},{"name":"Code review","slug":"code-review","description_html":"Ensure your code meets quality standards and ship with confidence.
\n"},{"name":"Container CI","slug":"container-ci","description_html":"Continuous integration for container applications.
\n"},{"name":"Continuous integration","slug":"continuous-integration","description_html":"Automatically build and test your code as you push it to GitHub, preventing bugs from being deployed to production.
\n"},{"name":"Dependency management","slug":"dependency-management","description_html":"Secure and manage your third-party dependencies.
\n"},{"name":"Deployment","slug":"deployment","description_html":"Streamline your code deployment so you can focus on your product.
\n"},{"name":"Deployment Protection Rules","slug":"deployment-protection-rules","description_html":"Enables custom protection rules to gate deployments with third-party services
\n"},{"name":"Game CI","slug":"game-ci","description_html":"Tools for building a CI pipeline for game development
\n"},{"name":"IDEs","slug":"ides","description_html":"Find the right interface to build, debug, and deploy your source code.
\n"},{"name":"Learning","slug":"learning","description_html":"Get the skills you need to level up.
\n"},{"name":"Localization","slug":"localization","description_html":"Extend your software's reach. Localize and translate continuously from GitHub.
\n"},{"name":"Mobile","slug":"mobile","description_html":"Improve your workflow for the small screen.
\n"},{"name":"Mobile CI","slug":"mobile-ci","description_html":"Continuous integration for Mobile applications
\n"},{"name":"Monitoring","slug":"monitoring","description_html":"Monitor the impact of your code changes. Measure performance, track errors, and analyze your application.
\n"},{"name":"Project management","slug":"project-management","description_html":"Organize, manage, and track your project with tools that build on top of issues and pull requests.
\n"},{"name":"Publishing","slug":"publishing","description_html":"Get your site ready for production so you can get the word out.
\n"},{"name":"Recently added","slug":"recently-added","description_html":"The latest tools that help you and your team build software better, together.
\n"},{"name":"Security","slug":"security","description_html":"Find, fix, and prevent security vulnerabilities before they can be exploited.
\n"},{"name":"Support","slug":"support","description_html":"Get your team and customers the help they need.
\n"},{"name":"Testing","slug":"testing","description_html":"Eliminate bugs and ship with more confidence by adding these tools to your workflow.
\n"},{"name":"Utilities","slug":"utilities","description_html":"Auxiliary tools to enhance your experience on GitHub
\n"}],"actions":[{"name":"API management","slug":"api-management","description_html":"Structure your API infrastructure to enable various internet gateways to interact with your service.
\n"},{"name":"Backup Utilities","slug":"backup-utilities","description_html":"Utilities providing periodic backups of your GitHub data
\n"},{"name":"Chat","slug":"chat","description_html":"Bring GitHub into your conversations.
\n"},{"name":"Code quality","slug":"code-quality","description_html":"Automate your code review with style, quality, security, and testâcoverage checks when you need them.
\n"},{"name":"Code review","slug":"code-review","description_html":"Ensure your code meets quality standards and ship with confidence.
\n"},{"name":"Container CI","slug":"container-ci","description_html":"Continuous integration for container applications.
\n"},{"name":"Continuous integration","slug":"continuous-integration","description_html":"Automatically build and test your code as you push it to GitHub, preventing bugs from being deployed to production.
\n"},{"name":"Dependency management","slug":"dependency-management","description_html":"Secure and manage your third-party dependencies.
\n"},{"name":"Deployment","slug":"deployment","description_html":"Streamline your code deployment so you can focus on your product.
\n"},{"name":"Deployment Protection Rules","slug":"deployment-protection-rules","description_html":"Enables custom protection rules to gate deployments with third-party services
\n"},{"name":"Game CI","slug":"game-ci","description_html":"Tools for building a CI pipeline for game development
\n"},{"name":"GitHub Sponsors","slug":"github-sponsors","description_html":"Tools to manage your GitHub Sponsors community
\n"},{"name":"IDEs","slug":"ides","description_html":"Find the right interface to build, debug, and deploy your source code.
\n"},{"name":"Learning","slug":"learning","description_html":"Get the skills you need to level up.
\n"},{"name":"Localization","slug":"localization","description_html":"Extend your software's reach. Localize and translate continuously from GitHub.
\n"},{"name":"Mobile","slug":"mobile","description_html":"Improve your workflow for the small screen.
\n"},{"name":"Mobile CI","slug":"mobile-ci","description_html":"Continuous integration for Mobile applications
\n"},{"name":"Monitoring","slug":"monitoring","description_html":"Monitor the impact of your code changes. Measure performance, track errors, and analyze your application.
\n"},{"name":"Project management","slug":"project-management","description_html":"Organize, manage, and track your project with tools that build on top of issues and pull requests.
\n"},{"name":"Publishing","slug":"publishing","description_html":"Get your site ready for production so you can get the word out.
\n"},{"name":"Security","slug":"security","description_html":"Find, fix, and prevent security vulnerabilities before they can be exploited.
\n"},{"name":"Support","slug":"support","description_html":"Get your team and customers the help they need.
\n"},{"name":"Testing","slug":"testing","description_html":"Eliminate bugs and ship with more confidence by adding these tools to your workflow.
\n"},{"name":"Utilities","slug":"utilities","description_html":"Auxiliary tools to enhance your experience on GitHub
\n"}]}},"title":"Marketplace"}