Security
Find, fix, and prevent security vulnerabilities before they can be exploited.
300 results for "sort:popularity-desc" filtered by Security Verified Creator
Apps
GitGuardian
By GitGuardian
The #1 GitHub Security App – Find and fix hardcoded secrets in your GitHub repositories
353k installsSonarCloud
By SonarSource
Empowering developers to detect Security Vulnerabilities, Bugs, and Code Smells in pull requests and repositories
160k installsSemgrep
By semgrep
Code scanning at ludicrous speed. Find bugs and reachable dependency vulnerabilities. Enforce standards on every commit
6.6k installsMend Bolt
By mend
Detect open source vulnerabilities in real time with suggested fixes for quick remediation
5.7k installsBridgecrew
By bridgecrewio
Find and fix security and compliance issues in Terraform, AWS Cloudformation, ARM templates, Kubernetes, and more
5.1k installsRewind Backups for GitHub
By backhub
Automatic daily backups of your GitHub repos and metadata with on-demand restores to protect your business
RecommendedDrata (Version Control)
By drata
The Drata (Version Control) app uses read-only repo access to continuously monitor your SOC 2 compliance posture
3.5k installsActions
TruffleHog OSS
By trufflesecurity
Creator verified by GitHubScan Github Actions with TruffleHog
14k starsMegaLinter
By oxsecurity
Creator verified by GitHubCombine all available linters to automatically validate your sources without configuration
1.8k starsAuthenticate to Google Cloud
By google-github-actions
Creator verified by GitHubAuthenticate to Google Cloud from GitHub Actions via Workload Identity Federation or service account keys
837 starsLegitify Analyze
By Legit-Labs
Creator verified by GitHubLegitify GitHub Action
715 starsAqua Security Trivy
By aquasecurity
Creator verified by GitHubScans container images for vulnerabilities with Trivy
697 starsSonarCloud Scan
By SonarSource
Creator verified by GitHubScan your code with SonarCloud to detect bugs, vulnerabilities and code smells in 26+ programming languages.
572 starsDependency Review
By actions
Creator verified by GitHubPrevent the introduction of dependencies with known vulnerabilities
542 starsmobsfscan
By MobSF
Creator verified by GitHubmobsfscan is a SAST that can find insecure code patterns in your Android and iOS source code
541 starsHarden-Runner
By step-security
Creator verified by GitHubHarden-Runner provides runtime security for GitHub-hosted and self-hosted runners
531 starsSnyk
By snyk
Creator verified by GitHubCheck your applications for vulnerabilties using Snyk
478 starsList your tool on GitHub Marketplace
Read the documentation
Learn how you can build tools to extend and improve developers' workflows.
Submit your tool for review
Share your app or GitHub Action with millions of developers.