Cloud & App Security Product Insights

v1.20 Added vendors: Boundary-Breakers_Exaforce, Boundary-Breakers_Cytix, LLM_TrojAI, LLM_Marqus, ASPM_BlueFlag, ASPM_Rainforest, ASPM_FluidAttacks, Code-Fixers_ZeroPath, Mobile_appdome, Data_Formal, Data_Teleskope, Data_Cyera, MDM_Jamf, MDM_Kandji, MDM_Evren, Asset_JupiterOne, Asset_Axonius, CDR_Cortex, Remediation-Platforms_Mondoo, Remediation-Platforms_Conviso, Kubernetes_BiFrost, Kubernetes_Nirmata, SIEM_AIStrike, SIEM_Exaforce, RASP_Dynatrace, SaaS_Vorlon, SaaS_Nudge, SaaS_AppOmni, SaaS_Astrix, SaaS_Reco, IaC_Zest, IaC_Blast, IaC_Nirmata, Cloud-Identity_Lumeus, Cloud-Identity_Doppler, Cloud-Identity_BlueFlag, DAST_Bright, DAST_Ghost, MDR_Cyrebro, API_Ghost

High level changes:

Added new categories: Asset Management, Data Security, SaaS Security
Renamed Remediation Platforms to Vulnerability Management (CTEM)
Added new “hands-on” tag to indicate which tools we’ve been hands on with, and ranked vendors more heavily weighted with this.
Massive Javascript optimizations

Vendors added:

Added Exaforce to boundary breakers - AI + SIEM is a step beyond AI + Logs
Added Cytix to boundary breakers - monitors places where change happens for on demand pentesting of new endpoints
Added TojAI to LLMs - runtime testing and protection for LLMs with on-prem hosting
Added Marqus to LLMs - runtime security for LLMs
Added Blueflag to ASPM and cloud identity - identity based ASPM and detection, JIT for git
Added Rainforest to ASPM - code security with brand protection, hosted via on-prem vm
Added FluidAttacks to ASPM - ASPM scanning + services
Added Zeropath to Code-fixers - AI SAST = the next generation, no cap
Added AppDome to Mobile - the most robust mobile app runtime protection
Added Formal to the new data category - awesome runtime data aliasing
Added Teleskope to the new data category - data access control for data stores and SaaS
Added Cyera to Data - classical DSPM
Added Jamf to new MDM category - the apple MDM king
Added Kandji to the new MDM category - the strong jamf alternative
Added Evren to the new MDM category - a smart developer MDM alternative to virtual machines
Added JupiterOne to the new Asset Management category - great all in one queryable and customizable asset management
Added Axonius to the new Asset Management category - Great asset and vulnerability management capabilities
Added Cortex CDR to CDR - now it works with cloud
Added Mondoo to Vuln Mgmt - ambitious all in one vulnerability scanning and management
Added Conviso to Vuln Mgmt - vulnerability management + services
Added Biforst to Kubernetes Security - automatic apparmor policy generation
Added Added Nirmata to Kubernetes Security and IaC - policy as code enforcement
Added AI-Strike and Exaforce to SIEM - AI first SIEMs
Added Dynatrace to ADR - strong RASP like capabilities provided via their agent
Added Vorlon to SaaS - SaaS discovery and runtime protection
Added Nudge to SaaS - SaaS discovery and onboarding/offboarding automation
Added AppOmni to SaaS - SaaS discovery and posture
Added Astrix to SaaS - they don’t go to market as SaaS, but strong OAuth protection
Added Reco to SaaS - Shadow IT discovery, threat detection, and posture management
Added Zest to IaC - Remediation focused IaC and Cloud Posture
Added Blast to IaC - IaC policy enforcement
Added Lumeus to Cloud Identity - very strong developer workload access
Added Doppler to Cloud Identity - secrets management for devs
Added Bright to DAST - fully featured DAST solution
Added Ghost to DAST and API security - API first dast and discovery leaning into AI capabilities
Added Cyrebro to MDR - re-sellable EDR, SaaS, and SIEM security for MSSPs and MDRs

v1.19 Added vendors: Remediation-Platforms_AppSOC, LLM_Zenity, SCA_Kusari, Corporate_Identity_Axiad

v1.18 Added vendors: Boundary-Breakers_Edera, Remediation-Platforms_JupiterOne, Remediation-Platforms_Brinqa, LLM_Operant, Mobile_Quokka, PT_Doyensec, PT_Ethiack, CDR_KSOC, CDR_ARMO, CDR_ClearVector, Container-Runtime_Edera, Container-Runtime_ClearVector, RASP_Operant, RASP_Arcjet, Compliance_Zania, Compliance_Conveyor, SCA_Lineaje, Cloud-Identity_Clutch, Cloud-Identity_Permiso, Cloud-Identity_WhiteSwan, Cloud-Identity_Breez, Cloud-Identity_Procyon, DAST_Ethiack, DAST_Intruder, DAST_HCL_AppScan, MDR_Tamnoon, MDR_Cygnostic, API_AppSentinels, Compliance_SafeBase, Cloud-Identity_ClearVector

Added Edera to Boundary Breakers and container runtime - a unique solution for isolating container workloads making them actually function like VMs instead of playing pretend like we do
Added JupiterOne to Remediation Platforms - JupiterOne is easy data lake management, so you it can fit into really any category.
Added Brinqa to Remediation Platforms - A good vulnerability management platform for enterprises with a lot of diverse workloads
Added Operant to LLM - the team at operant has been busy applying their CADR tool to AI workloads
Added Quokka to Mobile - a cool option for static and dynamic analysis of mobile app binaries
Added Doyensec to Pentesters - smart team with great Javascript expertise
Added Ethiack to DAST - DAST and pentesting combined, now featuring AI
Added Rad and ARMO to CDR - an overdue update from when I kept CDR separate from needing an agent
Added Clearvector to CDR, Container Runtime, and Cloud Identity - a holistic identity focused approach to detection and resposne
Added Arcjet to ADR - okay okay this one is more a RASP but it does cool stuff for some easy security in JavaScript and I’m not making a separate category for RASP from ADR>
Added Zania to GRC Automation - This tool is very cool and will uplift existing standards for compliance reporting since LLMs read better than humans do.
Added Conveyor to GRC Automation - the leader in questionnaires and trust centers keeps doing that.
Added Safebase to GRC automation - ez button for a security webpage and NDA request flows
Added Lineaje to SCA - everything a nerdy SBOM and attestation lover could as for.
Added Clutch to Cloud Identity - an extremely strong solution for NHI management and insights
Added Permiso to Cloud Identity - they were under boundary breakers but now that I have this cloud identity category it’s a better fit - extremely strong ITDR platform
Added Whiteswan to Cloud Identity - A great solution to grant and track access to Windows cloud workloads - you can even do stuff like require MFA for specific file access!
Added Breez to Cloud Identity - Identity threat detection for cloud resources
Added Procyon to Cloud Identity - JIT for cloud workloads
Added Intruder to DAST - a strong web based network and application DAST scanner
Added HCL Appscan to DAST - a desktop based DAST that’s aight.
Added Tamnoon to MDR and Remediation Platforms - A unique approach to getting CNAPP findings resolved - is such a thing even possible??
Added Cygnostic to MDR - a managed service offering for application and cloud security
Added AppSentinels to API Security - an extremely strong and competitive offering for API security

v1.17 Added vendors: CNAPP_Uptycs, Boundary-Breakers_AIStrike, Boundary-Breakers_nanovms, Boundary-Breakers_Security_Runners, Boundary-Breakers_Dropzone, Boundary-Breakers_Cloudfence, Boundary-Breakers_Chaser, Boundary-Breakers_Kosli, Remediation-Platforms_Vicarius, CSPM_CodeShield, LLM_Aim, LLM_Unbound, LLM_AppSOC, ASPMs_Phoenix_Security, ASPM_Soos, ASPM_Codacy, ASPM_StartLeftSecurity, ASPMUptycs, PT_Kulkan, Container-Runtime_Uptycs, RASP_Deepflow, SCA_Soos, SCA_StartLeftSecurity, IaC_StartLeftSecurity, Container-Vulnerability_Autonomous, Container-Vulnerability_Soos, Container-Vulnerability_StartLeftSecurity, Cloud-Identity_Oasis, Cloud-Identity_Token, MDR_Fortra, API_Aikido, Corporate_Identity_BalkanID, SAST_Soos, SAST_StartLeftSecurity

Added AI Strike to Boundary Breakers - Unique combo of SIEM + CSPM with layered LLM throughout
Added NanoVMs to Boundary Breakers - A dope implementation of unikernels - I didn’t know what these were
Added Security Runners to Boundary Breakers - Neat project to test cloud detection rules, with misconfigured resources deployed with Go
Added DropZone to Boundary Breakers - Security analyst but with LLMs
Added Cloud-fence to Boundary Breakers - Too useable to be “just a CSPM”, great focus on practioner needs with network and identity in the cloud
Added Chaser to Boundary Breakers - Unique enforcement of network egress traffic via security groups
Added Kosli to Boundary Breakers - Granular attestation for files, which can be applied to a bunch of use cases
Added Vicarius to Remediation Platforms - A modern tenable alternative
Added CodeShield to CSPM - Attack simulation (attack paths) focusing on identifying risky permissions
Added Aim Security to LLM - A fully featured LLM Security platform
Added Unbound to LLM - A browser plugin and proxy based approach for sanitization and visibility
Added AppSoc to LLM - More of an MLBOM approach to LLM security, focusing on the governance and risk of model choice
Added Phoenix Security to ASPM - Francesco appeased me by adding enough of their own scanners to qualify - still a great choice on the vulnerability management side of ASPM
Added SooS to ASPM, SCA, SAST, & Container - All in one code scanner
Added Codacy to ASPM - Code health and security, a la sonarcloud, with rich integration support
Added StartLeftSecurity to ASPM, SCA, IaC, SAST, and Container - All in one code scanner
Added Uptycs to CNAPP, ASPM, Container Runtime, - Most fully featured CNAPP, even though that creates usability bloat. Good K8s visibility
Added Kulkan to Pentesting - great pentesting shop specializing in hybrid environments
Added Deepflow to ADR - open source application tracing and profiling
Added Autonomous to Container Vulnerability - A great evolution of Docker Slim for creating low profile docker images, one might argue better than other approaches???
Added Oasis to Cloud Identity - Comprehensive non-human identity scanning and access graphs
Added Token to Cloud Identity - Identity scanner with some workload support, looking for identity configuration issues
Added Fortra to MDR - A surprisingly robust set of homegrown features - from ELK to WAF - to provide comprehensive mid market security coverage
Added Aikido to API Security - The homies squeak into this category with their RASP and DAST
Added BalkanID to Corporate Identity - Platform for SaaS access management - from over-privileged detection to workflows

v1.16 Added vendors: CSPM_Kloudle, PT_Include_Security, DAST_Nightvision, API_Traceable, API_Nightvision

Added Include Security to Pentest - offering in depth technical pentesting
Added Nightvision to DAST and API Security - builds API docs based on your code and then tests them
Added Traceable to API Security - in depth runtime focused API security that excels due to it’s numerous integration possibilities
Added Kloudle to CSPM - simple on demand CSPM scanning

v1.15 Added vendors: CNAPP_Tenable, Boundary-Breakers_Formal, Boundary-Breakers_HoundDog, Boundary-Breakers_Mimic, Remediation-Platforms_Zafran, Remediation-Platforms_Cyclops, CSPM_CheckRed, LLM_Mindgard, Code-Fixers_DryRun, Code-Fixers_Seezo, CDR_StreamSecurity, Container-Runtime_Sweet_Security, Kubernetes_Aqua_Security, RASP_Miggo, RASP_Oligo, SCA_Netrise, SCA_ReversingLabs, SCA_Coana, SCA_Contrast_Security, Container-Vulnerability_Endor, Cloud-Identity_Andromeda, API_42Crunch, API_Firetail, API_noname, API_SaltSecurity, SAST_Contrast_Security

Added Formal to boundary breakers - Very cool reverse proxy for inbound data flows
Added hounddog to boundary breakers - Checking for sensitive data leaks
Added Zafran to remediation platforms
Added Cyclops to remediation platforms
Added CheckRed to CSPM - CSPM with some neat SaaS rules
Add Tenable Cloud to CNAPP - Ermetic with a rebrand
Changed RASP to ADR, added Miggo and Oligo
Added 42 Crunch to API security - built around OpenAPI specs
Added Firetail to API security - API discovery and protection via SDK
Added Noname to API security - a network engineer’s approach to API security
Cleaned up boundary breakers a bit - moved DryRun, Grit, and Moderne to “code fixers”
Added Mimic to boundary breakers - deception based ransomeware protection
Reorded CDR in light of my new definitions
Added Stream Security to CDR - agentless CDR with a bigger focus on integration and attack paths
Added Andromeda to Cloud Identity - a more holistic attempt at making least privileged access a reality
Added Procyon to cloud identity - JIT access
Added Seezo to code fixers - turning design docs into security requirements
Added some gaps I had with Sweet, Rad, and Sternum not being on container runtime
Added Endor to container vulns
Updated Chainguard description
Added Mindgard to LLM
Added Netrise, Reversing Labs, and Coana to SCA
Added Contrast to SCA and SAST since they do that testing via the instrumentation

v1.14 Added vendors: Boundary-Breakers_Ophion, Boundary-Breakers_Zenity, PT_Ophion, PT_Inspecitv, SCA_Scribe

Added Ophion to Boundary Breakers - the most in depth automated recon I’ve seen, the closest to an actual automated pentest instead of just bad DAST and nmap scanning
Added Zenity to Boundary Breakers - Creating a security platform for no/low code solutions like Salesforce and Servicenow
Added Inspectiv to Pentesting - Bug bounty and pentesting where they do some of the grunt work for you
Added Scribe to SCA - in depth SBOM and attestation management

v1.13 Added vendors: Boundary-Breakers_Bedrock_Systems, LLM_Noma, Mobile_Approov, Container-Runtime_Sternum, Container-Runtime_Bedrock_Systems, Container-Vulnerability_Oligo_Security

Added Bedrock Systems to Boundary Breakers and Container Runtime - an extremely nerdy level of security by providing a hypervisor for linux workloads
Added Noma Security to LLMs - a very unique approach to LLM security that focuses on securing data pipelines instead of just LLMs themselves
Added Approov to Mobile - a runtime oriented approach to validating the security of an app before fetching sensitive data
Added Sternum to Container runtime - another nerdy level of container security, but focused on memory exploits and expanding into other CWEs
Added Oligo to container vulnerability because somehow I only had them under container runtime and SCA before

v1.12

Added Leen to Boundary Breakers - a unified API for vulnerability data
Added Tracebit to Boundary Breakers - Honeypot infrastructure for your cloud
Added Turbot to Cloud Identity, Secret Scanning, IaC, and CSPM - guard rails and enforcement on top of querying cloud data
Added Cremit to Secrets Scanning - Secrets scanning + real time monitoring
Added Pillar to LLM - Library based application detection and protection
Added OpenRefactory to SAST - focusing on building an amazing SAST engine above all else

v1.11 Added vendors: Boundary-Breakers_Seedata, Remediation-Platforms_SecOps_Solution, Code-Fixers_Infield, Cloud-Identity_Sonrai, Corporate_Identity_Push_Security

Added Seedata to Boundary Breakers - Honeypots as a service is dope and underrated
Added SecOps Solution to Remediation Platforms - Network based vuln scanning and patching. It’s not the cleanest fit but I don’t have a separate category for general vuln scanning
Added Infield to Code Fixers - Great team offering SaaS and services for painful version upgrades
Added Sonrai to Cloud Identity - Probably the fastest way to get your cloud 80% more secure than it was before by focusing on boundaries instead of least privileged
Added Push Security to Corporate Identity - Browser plugin for detecting unsafe SaaS use/risk from employees

v1.10 Added vendors: Boundary-Breakers_VulnCheck, Remediation-Platforms_RevealID, CSPM_Aikido, MDM_Fleet, PT_Intigriti, Container-Vulnerability_Aikido, DAST_Aikido, DAST_EdgeScan

Added VulnCheck to boundary breakers - Excellent threat feed like enrichment of vulnerability exploit data
Added REVEALD to Remediation Platforms - Not the cleanest fit, but trying to avoid creating a CTEM category
Added Aikido to the gaps - hard to keep track of all the scanners when you’re 9-in-1
Added Intigriti to Pen Testing - bug bounty but better
Added EdgeScan to DAST - lots of pentesty services

v1.8 Added vendors: Boundary-Breakers_Myrror, Code-Fixers_Nullify, SCA_Myrror

Added Myrror to SCA and Boundary Breakers
Added Nullify to code-fixers

v1.7 Added vendors: Boundary-Breakers_Devici, SCA_Phylum, SCA_Tidelift, Cloud-Identity_InstaSecure, DAST_Akto, API_Akto

Added Devici to boundary breakers - I think we’re going to see more tools dedicated to threat modelling. As people realize that developers handle application security testers better than security experts do, there will be a greater emphasis on the threat modelling and change processes.
Added Phylum to SCA - Another provider focused on upstream malware detection, going far beyond CVE detection and response workflows
Added Tidelift to Boundary Breakers & SCA - the only platform where you can work with maintainers directly, instead of mindlessly opening GitHub CVE issues never to get fixed

v1.6 Added vendors: Remediation-Platforms_Dependency_Track, Secret-Scanning_Legit_Security, Code-Fixers_Staris, PT_Staris, PT_MindPoint_Group, SCA_Socket, IaC_Legit_Security, Container-Vulnerability_Legit_Security, DAST_Staris, MDR_MindPoint_Group, SAST_Staris

Added Legit Security to Container Vulnerability, IaC, SCA, Secret Scanning, and SAST
Added Staris to Pentesting, Code Fixers, SAST, and DAST
Added MindPoint Group to MDR and Pentest
Added Socket to SCA

v1.5 Added vendors: Boundary-Breakers_Seal, Boundary-Breakers_Grit, Secret-Scanning_Qwiet, ASPM_Qwiet, Code-Fixers_Seal, Code-Fixers_Grit, Code-Fixers_Amplify, SCA_Seal, SCA_Xigeni, SCA_Qwiet, SCA_Checkmarx, IaC_Qwiet, IaC_Checkmarx, Container-Vulnerability_Qwiet, Container-Vulnerability_Checkmarx, DAST_Pynt, DAST_Checkmarx, API_StackHawk, API_Escape, API_Pynt, SAST_Qwiet

Added Seal Security to Boundary Breakers, Code Fixers, and SCA - Truly ambitious plans to backport vulnerability patches to make auto-patching a reality
Added Grit to Boundary Breakers and Code Fixers - Another ambitious project to create automation playbooks for major framework updates and changes
Added Qwiet to ASPM, Secrets, IaC, SCA, SAST, and Container
Added Amplify Security to Code Fixers
Added Pynt to API Security and DAST
Added Escape and StackHawk to API Security
Added Checkmarx to DAST, SCA, and Container

v1.4 Boundary-Breakers_Xigeni, Code-Fixers_Latio, Container-Runtime_ARMO, Container-Runtime_Operant, Container-Runtime_Oligo_Security, API_Impart, API_Operant, API_Levo, API_AWS, API_Wallarm, API_Cloudflare, API_F5, API_Fortinet

Removed Mobb, Pixee, and Corgea from Remediation Platforms and created a new category called Code Fixers
Changed WAF to API Security
Moved Code Fixers, ASPM, Remediation Platforms, and API Security to “Trending”
Added Xigeni to Boundary Breakers - it took me a while of diving into the platform, but Xigeni has built a really unique solution to supply chain security instead of what have become the standard checkboxes for ASPM
Added LAST to code fixers
Added Armo to Container Runtime with KubeCop
Added Operant to Container Runtime, API Security, and Kubernetes
Added Levo to API
Added TrustOnCloud to Boundary Breakers

v1.3 Added vendors: CSPM_Cycode, Container-Runtime_Upwind, IaC_Aqua_Security, Container-Vulnerability_Cycode, Container-Vulnerability_Mend, Container-Vulnerability_Apiiro, Container-Vulnerability_Veracode, SAST_Mend, SAST_Aqua_Security

Added Mend to SAST and Container scanning - they’ve expanded into these capabilities from SCA
Added Upwind to Container Runtime
Added Cycode to container vulnerability and CSPM
Updated Phoenix Security description
Added Akitra to automated GRC
Added Veracode to Container Vulnerability
Added Aqua Sec to SCA, SAST, IaC
Added Apiiro to container vulnerability

v1.2 Added vendors: Secret-Scanning_Xigeni, LLM_Harmonic, ASPM_Xigeni, IaC_Xigeni, Cloud-Identity_Abbey, Corporate_Identity_Veza

Added Xigeni to ASPM and related categories - unique approach to detecting active threats in your supply chain
Added Harmonic to LLM - focus on LLM security with an emphasis on identifying contextual data types
Added Abbey to Cloud Identity - really great terraform workflow for access requests
Added Veza to Corporate Identity - great ability to query and alert on user access and who has access to what

v1.1 Added vendors: Cloud-Identity_P0_Security, Corporate_Identity_Crosswire, Corporate_Identity_ConductorOne, Corporate_Identity_Opal

Added P0 Security to Cloud Identity - awesome JIT access for dev resources
Added Crosswire to Corporate Identity - great okta runtime alerting and config checking
Added LeakSignal to Kubernetes Security - really great and needed kubernetes network security solution
Updated DevOcean description - pushing the possibility of remediation platforms

v1.0

Created RASP, LLM, CDR, Corporate Identity, and Cloud Identity categories
Added DataDog to RASP
Added Contrast Security to RASP
Created LLM Category
Added Prompt Security to LLM
Added Apex Security to LLM
Added Lakera to LLM
Added Lasso Security to LLM
Added BoostSecurity to ASPM, SCA, SAST, IaC, Secrets, and Container Vulnerability
Added Cyscale to CNAPP and CSPM
Added Elastio to CNAPP - this isn’t a really clean category fit
Added Garantir to Corporate Identity
Moved Mobb to Remediation Platform
Added Pixee to Remediation Platform
Added Backslash to ASPM, SCA, SAST, and Secrets
Added Dazz to Secrets
Added Probely to DAST
Added Paraxial to SAST, SCA, and RASP
Added Gokomo to Identity
Added Argos to Pentest
Moved a bunch of people to CDR
Added Rezilion to ASPM, Container Vulnerability, and ASPM

v0.9

Added Silk Security to Remedation Platforms
Added Opus Security to Remediation Platforms
Added Tromzo to Remediation Platforms
Added Firemon to CSPM & CNAPP
Added ChainGuard to Container Vulnerability
Added Abira Security to Pentesting

v0.8

Added button to link to Youtube and Long form newsletters
Created new Kubernetes category to focus on companies that are providing unique value to k8s environments
Added KSOC to Kubernetes
Added ARMO to Kubernetes
Added Accuknox to Kubernetes
Added Tigera to Kubernetes
Added Spyderbat to Kubernetes
Added Sysdig to kubernetes
Added Datadog to Kubernetes
Updated Endor SCA description
Added Nosey Parker to Secrets
Added Plerion to CNAPP and CSPM
Added Gem to CNAPP

v0.7

Added Pangea to Boundary Breakers
Made the executive decision that if you offer your own scanning focusing on complete coverage of app scanning, then you’re an ASPM. If you purely ingest vulnerabilities from other tools, then you’re a remediation platform. ASPM (broadly) is missing runtime visibility, and Remediation Platforms don’t intend to provide meaningful value from their own scanners.
Added Deepfence to CNAPP
Added Deepfactor to Container Runtime
Added Prowler to CSPM
Added Phoenix Security to Remediation Platforms
Added Armorcode to Remediation Platforms
Small wording changes
Small positioning changes - I’m now comfortable saying that providers are positioned in a general order of how cool I think they are, with a sprinkle of “I want to give more attention to smaller companies.”

v0.6

Created ASPM and Mobile Categories
Added Ox Security to ASPM
Added Arnica to ASPM
Added Cycode to ASPM
Added Oxeye to ASPM
Removed Bionic from boundary breaker, added to ASPM
Added Apiiro to ASPM
Added JIT to ASPM
Added Legit Security to ASPM
Added Tromzo to ASPM
Added Kondukto to ASPM
Added Synopsys to ASPM
Added Riscocity to Boundary Breakers
Added Dry Run to Boundary Breakers
Added Moderne to Boundary Breakers
Added Tigera to CNAPP
Added Rapidfort to Container Vulnerabilities
Added Slim to Container Vulnerabilities
Added Ox to SAST, SCA, Secret-Scanning, and IaC
Added Oxeye to DAST, SAST, secret-scanning and SCA
Added Arnica to IAC, SAST, secret-scanning and SCA
Added Apiiro to SCA, IAC
Added Mobb to SAST
Added DeepFactor to SCA
Added Fossa to SCA
Added Impart to WAF
Added Pangea to WAF
Added Wallarm to WAF
Added Corellium to Mobile
Added Zimperium to Mobile
Added Now Secure to Mobile
Made sidebar scrollable

v0.5

Added Query.ai to SIEM
Added Cyrex to Pentest
Added Raito to Identity
Added Kudelski to MDR
Added Docker Scout to Container Vulnerability

v0.4

Add Entro to Identity
Add Slauth to Identity and IaC
Add Aikido to Boundary-Breakers
Add Skyhawk to CNAPP
Add Lumos to Identity
Add Armo to Container Vulnerability
Add Spyderbat to container runtime

v0.3

Updated CIEM to Identity
Added Axiom
Added Astrix
Added Kivera
Added Stack Identity
Added Teleport
Added Kodem to Container-vulnerability
Added Orca to CSPM

v0.2

Legit Security description updated and moved to remediation platform
SentinelOne description updated to better reflect their container capabilities
Added AccuKnox to CNAPP and Container-Runtime
Added Endor Labs to SCA
Added Bionic to Boundary Breakers
Added Bearer.sh to SAST
Added hackerone to pentest
Updated Seemplicity description
Updated Avalor description
Added Dig Security to Boundary Breakers
Added Lakera as a Boundary Breaker

v0.1

Added Wiz to Container-Runtime Security
Removed Dazz from Boundary-Breakers and created new Category “Remediation Platforms”
Added Seemplicity, Avalor, Dazz, DevOcean, Vulcan, and Nucleus to the new category along with category description
Added Permiso to Boundary Breakers
Added Semgrep and Legit Security to SCA
Considered adding ASPM as a category, but not sure enough it’s a real thing
Added Gomboc, Oak9, and Resourcely to IAC
TODO: DLP Category