Security
Find, fix, and prevent security vulnerabilities before they can be exploited.
1291 results for "sort:popularity-desc" filtered by Security
Apps
GitGuardian
By GitGuardian
The #1 GitHub Security App – Find and fix hardcoded secrets in your GitHub repositories
337k installsSonarCloud
By SonarSource
Empowering developers to detect Security Vulnerabilities, Bugs, and Code Smells in pull requests and repositories
150k installsMend Bolt
By mend
Detect open source vulnerabilities in real time with suggested fixes for quick remediation
5.7k installsSemgrep
By semgrep
Code scanning at ludicrous speed. Find bugs and reachable dependency vulnerabilities. Enforce standards on every commit
5.7k installsBridgecrew
By bridgecrewio
Find and fix security and compliance issues in Terraform, AWS Cloudformation, ARM templates, Kubernetes, and more
5.1k installsRewind Backups for GitHub
By backhub
Automatic daily backups of your GitHub repos and metadata with on-demand restores to protect your business
RecommendedDrata (Version Control)
By drata
The Drata (Version Control) app uses read-only repo access to continuously monitor your SOC 2 compliance posture
3.2k installsActions
TruffleHog OSS
By trufflesecurity
Creator verified by GitHubScan Github Actions with TruffleHog
13.6k starsIs Website vulnerable
By lirantal
Scans a url for public javascript library vulnerabilities
1.9k starsMegaLinter
By oxsecurity
Creator verified by GitHubCombine all available linters to automatically validate your sources without configuration
1.7k starsStelligent cfn_nag
By stelligent
Execute cfn_nag_scan against the code in the repository where the GitHub Action workflow is run
1.2k starsAuthenticate to Google Cloud
By google-github-actions
Creator verified by GitHubAuthenticate to Google Cloud from GitHub Actions via Workload Identity Federation or service account keys
793 starsLegitify Analyze
By Legit-Labs
Creator verified by GitHubLegitify GitHub Action
699 starsAqua Security Trivy
By aquasecurity
Creator verified by GitHubScans container images for vulnerabilities with Trivy
648 starsSonarCloud Scan
By SonarSource
Creator verified by GitHubScan your code with SonarCloud to detect bugs, vulnerabilities and code smells in 26+ programming languages.
551 starsmobsfscan
By MobSF
Creator verified by GitHubmobsfscan is a SAST that can find insecure code patterns in your Android and iOS source code
512 starsDependency Review
By actions
Creator verified by GitHubPrevent the introduction of dependencies with known vulnerabilities
492 starsList your tool on GitHub Marketplace
Read the documentation
Learn how you can build tools to extend and improve developers' workflows.
Submit your tool for review
Share your app or GitHub Action with millions of developers.