{"payload":{"featured":[],"recommended":[],"recently_added":[],"search_results":{"results":[{"type":"marketplace_listing","id":"706","state":"verified","name":"Rewind Backups for GitHub","free":false,"primary_category":"Security","secondary_category":"Backup Utilities","is_verified_owner":true,"slug":"backhub","owner_login":"backhub","resource_path":"/marketplace/backhub","installation_count":3773,"full_description":"The most downloaded Backup app for GitHub, managing 500,000+ backups daily.\n\nRewind is a leading SaaS backup company, trusted by 100,000+ organizations.\n\n  - Automatic daily backups, including metadata\n  - On-demand Restores in a few clicks\n  - Backups synced to your S3 and Azure storage with Cloud Sync\n  - AES-256 Encryption, audit log and data residency\n  - The only SOC 2, Type 2 compliant backup app for GitHub\n","short_description":"Automatic daily backups of your GitHub repos and metadata with on-demand restores to protect your business","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/706?s=400&v=4","recommended":true,"marketplace_listing":{"listing":{"id":706,"state":3,"name":"Rewind Backups for GitHub","slug":"backhub","short_description":"Automatic daily backups of your GitHub repos and metadata with on-demand restores to protect your business","full_description":"**The most downloaded Backup app for GitHub, managing 500,000+ backups daily.**\n\n[Rewind](https://rewind.com/) is a leading SaaS backup company, **trusted by 100,000+ organizations**.\n\n* Automatic daily backups, including metadata\n* On-demand Restores in a few clicks\n* Backups synced to your S3 and Azure storage with Cloud Sync\n* AES-256 Encryption, audit log and data residency\n* The only SOC 2, Type 2 compliant backup app for GitHub","extended_description":"**Protect your business in minutes**\nGet started quickly. Don't waste another minute maintaining backup scripts.\n\n**Metadata protection**\nIncluding pull requests, issues, projects, milestones, wikis and more.\n\n**Features to meet your Enterprise needs**\nThe Enterprise Plan includes SOC 2 Type 2 Report, audit log, phone support, Cloud Sync, security assessments, 365-day data retention with no size limits and more. Choose your cloud data storage location (EU or US) to meet GDPR or HIPAA requirements. Rewind uses AES-256 Encryption in transit and at rest.\n\n**How does pricing work?**\nEvery GitHub Organization member in your organization is considered a user. We follow GitHub's definition of an [Organization member](https://docs.github.com/en/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization).\n\n:cloud: [Learn More](https://rewind.com/products/backups/github/) | :telephone_receiver: [Book a Demo](https://rewind.com/book-a-demo/?platform=github)","primary_category_id":41,"secondary_category_id":41,"privacy_policy_url":"https://rewind.com/legal/privacy-notice/","tos_url":"https://rewind.com/legal/terms-of-service/","company_url":"https://rewind.com","status_url":"https://506d32d7-fdc1-488f-a053-516235802530.site.hbuptime.com/","support_url":"https://rewind.com/contact/","documentation_url":"https://rewind.com/backups-101/rewind-github-features/","pricing_url":"https://backhub.co/pricing/","bgcolor":"F7C20F","light_text":true,"learn_more_url":null,"installation_url":"https://n.backhub.co/installation","how_it_works":null,"hero_card_background_image_id":21,"technical_email":"dave.north@rewind.io","marketing_email":"marketing@rewind.io","finance_email":"receipts@rewind.io","direct_billing_enabled":false,"by_github":false,"security_email":"security@rewind.io","listable_type":"Integration","listable_id":181,"copilot_app":false}}},{"type":"marketplace_listing","id":"3768","state":"unverified","name":"Debricked","free":false,"primary_category":"Security","secondary_category":"Dependency management","is_verified_owner":true,"slug":"debricked","owner_login":"debricked","resource_path":"/marketplace/debricked","installation_count":2376,"full_description":"Debricked s tool allows you to discover known vulnerabilities in your open source-libraries in an early stage of your\ndevelopment process. Identify, fix and prevent open source vulnerabilities automatically with enforceable pipeline\nrules. Spend less time on manual security research and fixes; let Debricked do the work for you.\n\nDebricked is free for all open source projects!\n","short_description":"Automatically identify, fix and prevent vulnerabilities in your open source dependencies","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/3768?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":3768,"state":6,"name":"Debricked","slug":"debricked","short_description":"Automatically identify, fix and prevent vulnerabilities in your open source dependencies","full_description":"Debricked's tool allows you to discover known vulnerabilities in your open source-libraries in an early stage of your development process. **Identify**, **fix** and **prevent** open source vulnerabilities automatically with enforceable pipeline rules. Spend less time on manual security research and fixes; let Debricked do the work for you. \n\n**Debricked is free for all open source projects!**  \n\n\n\n\n\n","extended_description":"Debricked makes it easy to maintain a good state of security in your project. \n\nThe tool allows you to:\n\n- Detect vulnerabilities in your direct and indirect dependencies\n- Integrate seamlessly with other systems used in your everyday workflow\n- Prioritise with the help of our own score, debAI, and make informed decisions \n- Fix vulnerabilities using our suggestions and advise as well as pull requests\n- Prevent dependencies with severe vulnerabilities from entry using automated rules\n- Prevent using dependencies with incompatible licenses\n\nWe support a [wide range of languages and package managers](https://debricked.com/documentation/language-support/), and more are being added as we go!\n\n","primary_category_id":6,"secondary_category_id":11,"privacy_policy_url":"https://debricked.com/privacy-policy/?utm_source=github&utm_medium=marketplace&utm_campaign=github-marketplace","tos_url":"https://debricked.com/terms-and-conditions/?utm_source=github&utm_medium=marketplace&utm_campaign=github-marketplace","company_url":"https://debricked.com/?utm_source=github&utm_medium=marketplace&utm_campaign=github-marketplace","status_url":"","support_url":"https://debricked.com/contact/?utm_source=github&utm_medium=marketplace&utm_campaign=github-marketplace","documentation_url":"https://debricked.com/documentation/1.0/integrations/ci-build-systems/github?utm_source=github&utm_medium=marketplace&utm_campaign=github-marketplace","pricing_url":null,"bgcolor":"0d1840","light_text":true,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":2763,"technical_email":"oscar.reimer@debricked.com","marketing_email":"joanna.qvarnstrom@debricked.com","finance_email":"daniel.wisenhoff@debricked.com","direct_billing_enabled":false,"by_github":false,"security_email":"martin.hell@debricked.com","listable_type":"Integration","listable_id":24490,"copilot_app":false}}},{"type":"marketplace_listing","id":"16019","state":"unverified","name":"Pixeebot | Automated code fixes.","free":true,"primary_category":"AI Assisted","secondary_category":"Security","is_verified_owner":true,"slug":"pixeebot-automated-code-fixes","owner_login":"pixee","resource_path":"/marketplace/pixeebot-automated-code-fixes","installation_count":1722,"full_description":"Code security is complex work. Let Pixeebot handle it for you.\n\nPixeebot currently supports Java and Python. Install now to get on the waitlist for future languages. ✨ AI features\nenabled by default. Learn more.\n\nJust as Dependabot keeps your dependencies up to date, Pixeebot helps ensure your code is - and stays - secure. Pixeebot\nimmediately starts monitoring your repository and makes suggestions that are easy for your team to absorb.\n","short_description":"Your Automated Product Security Engineer","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/16019?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":16019,"state":6,"name":"Pixeebot | Automated code fixes.","slug":"pixeebot-automated-code-fixes","short_description":"Your Automated Product Security Engineer","full_description":"# Code security is complex work. Let Pixeebot handle it for you.\n\n>Pixeebot currently supports **Java** and **Python**. Install now to get on the waitlist for future languages. ✨ AI features enabled by default. [Learn more](https://docs.pixee.ai/faqs/).\n\nJust as Dependabot keeps your dependencies up to date, Pixeebot helps ensure your code is - and stays - secure. Pixeebot immediately starts monitoring your repository and makes suggestions that are easy for your team to absorb.","extended_description":"### Pixeebot is not a code scanner, and it’s not going to send you reports. It just hardens your code and fixes stuff.\nNo findings to review, just PRs to accept+merge!\n\n### Harden code continuously\nEvery week, Pixeebot sends a pull request to your default branch with suggested security improvements. Even summon Pixeebot with **@pixeebot next** if you’re ready for more.\n\n### Fix vulnerabilities\nPixeebot also reviews results from your SAST code scanners and auto-remediates whenever possible. All you have to do is approve!\n\n### Uplevel security with PR tune-ups\nEach new pull request your team creates gets automatic feedback from Pixeebot, whether it’s confirmation that everything looks good, or a PR with suggestions. No reports, just actual code fixes you can merge in one step.\n\n### We keep up to date on security best practices, so you don’t have to\nOur security experts stay on top of the latest research to make sure you’re protected from all the latest security threats.","primary_category_id":39,"secondary_category_id":6,"privacy_policy_url":"https://pixee.ai/privacy","tos_url":"https://pixee.ai/terms","company_url":"https://pixee.ai","status_url":"https://docs.pixee.ai/status","support_url":"https://docs.pixee.ai","documentation_url":"https://docs.pixee.ai","pricing_url":null,"bgcolor":"fbfafb","light_text":true,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":4069,"technical_email":"david@pixee.ai","marketing_email":"surag@pixee.ai","finance_email":"surag@pixee.ai","direct_billing_enabled":false,"by_github":false,"security_email":"david@pixee.ai","listable_type":"Integration","listable_id":193111,"copilot_app":false}}},{"type":"marketplace_listing","id":"9823","state":"verified","name":"GitProtect.io FREE Backup for GitHub","free":false,"primary_category":"Backup Utilities","secondary_category":"Security","is_verified_owner":true,"slug":"gitprotect-io","owner_login":"xoperosoftware","resource_path":"/marketplace/gitprotect-io","installation_count":1058,"full_description":"The ultimate GitHub Backup DR trusted by thousands of organizations - NHS, HEMA, RED, Netguru more.\n\n“I worked with other backup products and never felt comfortable that the backup plan was going to work as expected” -\nThe Wharton School\n\nBenefits:\n\n  - Automatic backup of repos, metadata, LFS\n  - #1 Disaster Recovery\n  - Any storage - free cloud included or your own on-prem/S3/any cloud\n  - Ransomware Protection\n  - SOC 2 audited, best-in-class security\n","short_description":"Automatic, daily repo and metadata backup - no maintenance needed: fast restore, DR, AWS, and S3 cloud storage support","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/9823?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":9823,"state":3,"name":"GitProtect.io FREE Backup for GitHub","slug":"gitprotect-io","short_description":"Automatic, daily repo and metadata backup - no maintenance needed: fast restore, DR, AWS, and S3 cloud storage support","full_description":"**The ultimate[ GitHub Backup](https://gitprotect.io/github.html) & DR trusted by thousands of organizations** - NHS, HEMA, RED, Netguru & more.\n\n“_I worked with other backup products and never felt comfortable that the backup plan was going to work as expected_” - The Wharton School\n\n**Benefits:**\n\n- Automatic backup of repos, metadata, LFS\n- #1 Disaster Recovery\n- Any storage - free cloud included or your own on-prem/S3/any cloud\n- Ransomware Protection\n- SOC 2 audited, best-in-class security","extended_description":"### Key features\n\n**Fast setup**\nAutomatic GitHub backup on schedule/on-demand\n\n**Repos & Metadata Backup**\nProtect the entire GitHub account- repos, LFS, all metadata -pull requests, issues, wikis, & more\n\n**Multi-storage for replication, not sync**\nUse free cloud storage included, or bring your on-prem/cloud, i.e. AWS S3, Azure, Google & more for replication and 3-2-1 backup\n\n**#1 Disaster Recovery**\nGranular restore or instant Disaster Recovery to many destinations - same/new account, local machine, other platforms\n\n**Ransomware Protection** \nBackup is last line of defense, so we made it ransomware-proof\n\n**ISO/SOC 2 compliance**\nAES257 encryption, own key, audit-ready reports, **best security proven by SOC 2**\n\n**Enterprise-class features**\nUnlimited retention, GFS, multitenancy& [all features](https://gitprotect.io/github-cheat-sheet.pdf)\n\n☎️ [Book Demo](https://calendly.com/d/3s9-n9z-pgc/gitprotect-live-demo?utm_medium=marketplace&utm_source=gitprotect%20github&utm_campaign=demo)","primary_category_id":41,"secondary_category_id":6,"privacy_policy_url":"https://xopero.com/data-protection-policy/","tos_url":"https://xopero.com/terms/terms-of-service/","company_url":"https://xopero.com/","status_url":"","support_url":"https://support.xopero.com/hc/en-us/requests/new","documentation_url":"","pricing_url":null,"bgcolor":"ffffff","light_text":true,"learn_more_url":null,"installation_url":"https://one.xopero.com/api/github/marketplace","how_it_works":null,"hero_card_background_image_id":2483,"technical_email":"g.bak@xopero.com","marketing_email":"g.bak@xopero.com","finance_email":"sales@xopero.com","direct_billing_enabled":false,"by_github":false,"security_email":"g.bak@xopero.com","listable_type":"OauthApplication","listable_id":1617854,"copilot_app":false}}},{"type":"marketplace_listing","id":"7736","state":"verified","name":"Cloudback: GitHub Backup & Restore","free":false,"primary_category":"Security","secondary_category":"Backup Utilities","is_verified_owner":true,"slug":"cloudback","owner_login":"cloudback","resource_path":"/marketplace/cloudback","installation_count":1003,"full_description":"Cloudback secures your GitHub repositories with recurrent data backups\n\n  - SOC2 in progress\n  - Automatic backups\n  - Self-sufficient password-protected ZIP archives with AES-256 encryption\n  - Customer storages: S3, OneDrive, Azure, GCP, Wasabi, Alibaba, etc\n  - Cloudback storages: USA, EU, UK, Asia\n  - Data deduplication\n  - Backup replication\n  - Audit log\n  - Instant email and messenger notifications: Slack, MS Teams, Discord\n  - AWS S3 Object Lock and Tag Support\n  - And more\n","short_description":"Backup repositories, metadata and LFS into AWS, Azure, OneDrive, GCP, etc. Pay per repositories, not seats. SOC2 in progress","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/7736?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":7736,"state":3,"name":"Cloudback: GitHub Backup & Restore","slug":"cloudback","short_description":"Backup repositories, metadata and LFS into AWS, Azure, OneDrive, GCP, etc. Pay per repositories, not seats. SOC2 in progress","full_description":"Cloudback secures your GitHub repositories with recurrent data backups\n- SOC2 in progress\n- Automatic backups\n- Self-sufficient password-protected ZIP archives with AES-256 encryption\n- Customer storages: S3, OneDrive, Azure, GCP, Wasabi, Alibaba, etc\n- Cloudback storages: USA, EU, UK, Asia\n- Data deduplication\n- Backup replication\n- Audit log\n- Instant email and messenger notifications: Slack, MS Teams, Discord\n- AWS S3 Object Lock and Tag Support\n- And [more](https://cloudback.it/pricing#all)","extended_description":"## Features\nWe offer the most comprehensive backup on the market. Cloudback lets you store all the information you need to restore the entire repository in the event of a disaster. Back up the GitHub repository code, issues, labels, comments, milestones, etc. \n\n### Customer-managed storages\n - Microsoft Azure Blob Storage\n - Microsoft OneDrive\n - Amazon S3\n - Google Cloud Storage\n - Alibaba Cloud Object Storage\n - OpenStack Swift\n\n### Customer-managed encryption keys\n- Coming soon\n \n### Cloudback-managed storages\n - US, EU, UK, Sidney, Singapore\n\n### Data deduplication \n- Reduce storage costs while using your own storage. [Learn more](https://cloudback.it/docs/deduplication).\n\n### Backup replication\n- Leverage composite storages to replicate backups across multiple locations.\n\n### Fair pricing\n- Pay per repository, not seats. \n- All features included, no matter the plan.\n\n### And more\n- Learn more about Cloudback features in our [docs](https://cloudback.it/docs/what-is-cloudback).","primary_category_id":6,"secondary_category_id":41,"privacy_policy_url":"https://cloudback.it/docs/privacy","tos_url":"https://cloudback.it/docs/terms","company_url":"https://cloudback.it/","status_url":"","support_url":"https://cloudback.it/contact","documentation_url":"https://cloudback.it/docs/what-is-cloudback","pricing_url":null,"bgcolor":"ffffff","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":1921,"technical_email":"team@cloudback.it","marketing_email":"team@cloudback.it","finance_email":"team@cloudback.it","direct_billing_enabled":false,"by_github":false,"security_email":"team@cloudback.it","listable_type":"Integration","listable_id":74074,"copilot_app":false}}},{"type":"marketplace_listing","id":"7654","state":"unverified","name":"Qwiet AI","free":true,"primary_category":"Code quality","secondary_category":"Security","is_verified_owner":false,"slug":"shiftleft-ng-sast","owner_login":"ShiftLeftSecurity","resource_path":"/marketplace/shiftleft-ng-sast","installation_count":480,"full_description":"ShiftLeft NextGen Static Analysis (NG SAST) is a modern code analysis solution, purpose-built to support developer\nworkflows. NG SAST helps find, fix, and prevent OWASP Top 10 vulnerabilities and cloud-centric vulnerabilities such as\nbusiness logic flaws, data leakage, and insider threats.\n","short_description":"The AI-powered AppSec platform","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/7654?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":7654,"state":6,"name":"Qwiet AI","slug":"shiftleft-ng-sast","short_description":"The AI-powered AppSec platform","full_description":"ShiftLeft NextGen Static Analysis (NG SAST) is a modern code analysis solution, purpose-built to support developer workflows. NG SAST helps find, fix, and prevent OWASP Top 10 vulnerabilities and cloud-centric vulnerabilities such as business logic flaws, data leakage, and insider threats.","extended_description":"- Developer Friendly SAST\n\n   NG SAST was designed with developer-friendly workflows as a first principle. In order to maximize developer efficiency, the NG SAST workflow inserts into pull requests and enables developers to find and fix vulnerabilities without ever leaving their development environment.\n\n- The Most Accurate SAST, Proven by the OWASP Benchmark\n\n   NG SAST is the most accurate static code analysis solution. NG SAST’s 75% score on the OWASP benchmark is more than 2X the next highest competitor and nearly 3X the commercial average.\n\n- Up To 40X Faster\n\n   Up to 40X faster than traditional code analysis tools, NG SAST enables developers to secure every pull request without slowing it down. Unlike traditional tools that analyze source code graphs consecutively, NG SAST leverages the Code Property Graph (CPG) to run its analyses concurrently in a single graph of graphs.","primary_category_id":12,"secondary_category_id":6,"privacy_policy_url":"https://qwiet.ai/privacy-policy/","tos_url":"https://qwiet.ai/terms-of-service/","company_url":"https://qwiet.ai","status_url":"https://status.shiftleft.io","support_url":"https://go.qwiet.ai/contact_qwiet","documentation_url":"https://docs.shiftleft.io","pricing_url":null,"bgcolor":"ffffff","light_text":true,"learn_more_url":null,"installation_url":"https://www.shiftleft.io/api/v4/private/integrations/github/install","how_it_works":null,"hero_card_background_image_id":4374,"technical_email":"support@qwiet.ai","marketing_email":"marketing@qwiet.ai","finance_email":"finance@qwiet.ai","direct_billing_enabled":false,"by_github":false,"security_email":"support@qwiet.ai","listable_type":"OauthApplication","listable_id":1313852,"copilot_app":false}}},{"type":"marketplace_listing","id":"16695","state":"unverified","name":"Veracode Workflow App","free":true,"primary_category":"Security","secondary_category":"Code review","is_verified_owner":false,"slug":"veracode-workflow-app","owner_login":"veracode","resource_path":"/marketplace/veracode-workflow-app","installation_count":239,"full_description":"Automate scans easily – and at scale - by leveraging our Veracode app and using a single workflow to control your\nsecurity program across your organization!\n\nFeatures at-a-glance\n\n  - Automate scans from one place across thousands of repositories\n  - Static, SCA, and Container scans on developer activity from a single “Master” workflow\n  - Zero configuration for Developers - scans run automatically without having to add workflows to individual repo’s\n  - Broad language support\n","short_description":"Automate scans at scale by using our Veracode app to orchestrate scans across your entire portfolio","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/16695?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":16695,"state":6,"name":"Veracode Workflow App","slug":"veracode-workflow-app","short_description":"Automate scans at scale by using our Veracode app to orchestrate scans across your entire portfolio","full_description":"Automate scans easily – and at scale - by leveraging our Veracode app and using a single workflow to control your security program across your organization! \n\n### Features at-a-glance\n- Automate scans from one place across thousands of repositories\n- Static, SCA, and Container scans on developer activity from a single “Master” workflow\n- Zero configuration for Developers - scans run automatically without having to add workflows to individual repo’s\n- Broad language support\n","extended_description":"### Scan all your repo’s fast!\nScan your repo’s without having to worry about having workflow files scattered across your org\n\n- **1:** Install the app \n- **2:** Veracode automatically forks a template workflow repo into your org if you install the app on all repo's\n    - Or fork the official [Veracode workflow repo](https://github.com/veracode/github-actions-integration) yourself into your root folder and name it `veracode`\n- **3:** Add your credentials to this SINGLE repo\n- **DONE!** Developers get their code scanned automatically and results are viewed as GitHub Checks!\n\n### Scan automatically – set it and forget it!\nAfter installing the app and having the Veracode workflow repo sitting in your org, here’s what happens:\n- Anytime a developer pushes code – a static, SCA, and container scan runs\n- Anytime a developer merges code to your default branch – results are saved to the platform\n- All these can be configured with a few keypresses to match your own security program!","primary_category_id":6,"secondary_category_id":10,"privacy_policy_url":"https://www.veracode.com/legal-privacy/privacy-statement","tos_url":"","company_url":"https://www.veracode.com/","status_url":"","support_url":"https://www.veracode.com/resources/customers/technical-support","documentation_url":"https://docs.veracode.com/r/GitHub_Workflow_Integration_for_Repo_Scanning","pricing_url":null,"bgcolor":"ffffff","light_text":true,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":4225,"technical_email":"mtawadrous@veracode.com","marketing_email":"evelarde@Veracode.com","finance_email":"mtawadrous@veracode.com","direct_billing_enabled":false,"by_github":false,"security_email":"oboyle@Veracode.com","listable_type":"Integration","listable_id":484771,"copilot_app":false}}},{"type":"marketplace_listing","id":"13509","state":"verified","name":"Codeac.io","free":false,"primary_category":"Code quality","secondary_category":"Security","is_verified_owner":true,"slug":"codeac-io","owner_login":"codeacio","resource_path":"/marketplace/codeac-io","installation_count":202,"full_description":"Codeac is an Automated Code Review Tool that monitors your technical debt. It helps you improve your code quality and\nteaches best practices to your developers to save time during Code Reviews.\n","short_description":"We help developers write clean code","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/13509?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":13509,"state":3,"name":"Codeac.io","slug":"codeac-io","short_description":"We help developers write clean code","full_description":"**Codeac** is an Automated Code Review Tool that monitors your technical debt. It helps you improve your code quality and teaches best practices to your developers to save time during Code Reviews.","extended_description":"Codeac brings a set of analyzers to your workflow with unified standards across the whole team. This helps you get actionable feedback after each commit so you can keep the quality of the codebase at a high level.\n\n### Track your technical debt\nCodeac helps you guard all the critical metrics to give you **actionable feedback** and insight about the current state of your codebase. This will help you keep track of your code quality over time.\n\n### Seamless integration\nFor all commits and pull requests, Codeac sends the results back to GitHub.\n\n### 12+ different languages - one platform\nAll projects consist of various technologies; sometimes, it can be hard to keep all the analyzers updated. Now, you can leave the update on us and focus on what's important - developing your software.\n\n### Infrastructure as Code analyses\nCodeac can analyze all the code in your repositories, including Infrastructure as Code like Ansible, Terraform, and more.","primary_category_id":12,"secondary_category_id":6,"privacy_policy_url":"https://www.codeac.io/privacy-policy.html","tos_url":"","company_url":"https://www.codeac.io/","status_url":"","support_url":"https://www.codeac.io/documentation/getting-started.html","documentation_url":"https://www.codeac.io/documentation/index.html","pricing_url":null,"bgcolor":"ffffff","light_text":true,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":3797,"technical_email":"support@codeac.io","marketing_email":"support@codeac.io","finance_email":"support@codeac.io","direct_billing_enabled":false,"by_github":false,"security_email":"support@codeac.io","listable_type":"Integration","listable_id":190172,"copilot_app":false}}},{"type":"marketplace_listing","id":"12733","state":"unverified","name":"Backup Github (Backrightup)","free":true,"primary_category":"Backup Utilities","secondary_category":"Security","is_verified_owner":true,"slug":"backup-github-backrightup","owner_login":"Backrightup","resource_path":"/marketplace/backup-github-backrightup","installation_count":160,"full_description":"Backrightup is a SOC 2 compliant Github backups service with offices in US, Europe Australia. Book a call now\n\nIf you want a personalized service, we re your team. We serve around 200 customers (50k backups daily) with top notch\nsupport, cost effectively.\n\nCustomers include US Dept of Defence, Assurant, Canadian Road authority and more.\n\n  - Our storage or yours (AWS/Azure/SFTP)\n  - Repo + metadata on daily schedule (or manual)\n  - On-demand restores\n","short_description":"Automatic backups & restores of repos/metadata. Multiple storage/regions including Azure/AWS or your own. Free plan available","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/12733?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":12733,"state":6,"name":"Backup Github (Backrightup)","slug":"backup-github-backrightup","short_description":"Automatic backups & restores of repos/metadata. Multiple storage/regions including Azure/AWS or your own. Free plan available","full_description":"**Backrightup** is a SOC 2 compliant Github backups service with offices in US, Europe & Australia. [Book a call now](https://calendly.com/backrightup)\n\nIf you want a **personalized** service, we're your team. We serve around 200 customers (50k backups daily) with top notch support, cost effectively. \n\n**Customers include US Dept of Defence, Assurant, Canadian Road authority and more.**\n\n- Our storage or yours (AWS/Azure/SFTP)\n- Repo + metadata on daily schedule (or manual)\n- On-demand restores","extended_description":"### **Key features**\n\n**1-click Setup**\n- Set up in seconds. Click \"Try free\" below\n\n**Backup/Restore with more granularity**\n- Repos and all metadata including issues, pull requests, actions, wiki, and more.\n- Restore individual issues, pull requests, actions, wiki (not offered in other backup apps)\n\n**Set & forget**\n- All repos and metadata are automatically added to backup\n\n**Point-in-time restore**\n- Granular (day by day/manual) or full restores\n\n**Your Storage or Ours**\n- Use our Azure/AWS storage or bring your own\n\n**Support**\n- Phone, video conference, email or website chat\n\n**Security, Documentation & SOC 2 Compliant**\n- AES 256 encryption at transit & rest\n- Rotating encryption keys\n- Compressed to maximize storage usage\n- SOC 2 compliant\n- GDPR Compliant\n\n**User management**\n- Multiple users & roles - configure who sees what\n- Full audit logs\n","primary_category_id":41,"secondary_category_id":6,"privacy_policy_url":"https://backrightup.com/identity/privacy","tos_url":"https://backrightup.com/identity/termsconditions","company_url":"https://backrightup.com","status_url":"https://status.backrightup.com","support_url":"https://backrightup.com","documentation_url":"https://backrightup.crisp.help","pricing_url":null,"bgcolor":"ffffff","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":0,"technical_email":"courtenay.farquharson@backrightup.com","marketing_email":"courtenay.farquharson@backrightup.com","finance_email":"courtenay.farquharson@backrightup.com","direct_billing_enabled":false,"by_github":false,"security_email":"courtenay.farquharson@backrightup.com","listable_type":"Integration","listable_id":206839,"copilot_app":false}}},{"type":"marketplace_listing","id":"15916","state":"unverified","name":"Panoptica GitHub","free":true,"primary_category":"Security","secondary_category":null,"is_verified_owner":false,"slug":"panoptica-github","owner_login":"cisco-panoptica","resource_path":"/marketplace/panoptica-github","installation_count":159,"full_description":"Panoptica s GitHub app enables easy integration of the Panoptica platform to your GitHub organizations and repositories\nproviding IaC, Secret, SAST and SCM Posture scanning to detect, prioritize and prevent security issues.\n","short_description":"Scan IaC in your repository to detect security issues, prioritize risks, and prevent risky configurations before deployment","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/15916?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":15916,"state":6,"name":"Panoptica GitHub","slug":"panoptica-github","short_description":"Scan IaC in your repository to detect security issues, prioritize risks, and prevent risky configurations before deployment","full_description":"Panoptica's GitHub app enables easy integration of the Panoptica platform to your GitHub organizations and repositories providing IaC, Secret, SAST and SCM Posture scanning to detect, prioritize and prevent security issues.","extended_description":"# Panoptica for GitHub\n\nOur tool is engineered to fortify your repositories and organization's security, connecting directly with the Panoptica platform for a unified security management experience and enabling your team true shift security left.\n\n## Panoptica Platform Key Features\n\n- IaC Scanning - Scan IaC templates for potential security issues and misconfigurations.\n- Secret Leak Scanning - Detect exposed credentials within your repositories.\n- Static Application Security Testing (SAST) - Identify vulnerabilities in your source code.\n- Posture Scanning - Evaluate and identify misconfigurations in your GitHub repositories and organizations to maintain robust security standards.\n- Aggregated Security Insights - Obtain an aggregated view of security findings across your different repositories, aiding in comprehensive security analysis and decision-making.","primary_category_id":6,"secondary_category_id":null,"privacy_policy_url":"https://www.panoptica.app/cisco-online-privacy-statement","tos_url":"https://www.panoptica.app/terms-and-conditions","company_url":"https://www.cisco.com","status_url":"","support_url":"https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html","documentation_url":"https://docs.panoptica.app/v2.0/docs","pricing_url":null,"bgcolor":"ffffff","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":0,"technical_email":"sales@panoptica.app","marketing_email":"sales@panoptica.app","finance_email":"sales@panoptica.app","direct_billing_enabled":false,"by_github":false,"security_email":"sales@panoptica.app","listable_type":"Integration","listable_id":374303,"copilot_app":false}}},{"type":"marketplace_listing","id":"16736","state":"unverified","name":"DryRun Security","free":true,"primary_category":"Code review","secondary_category":"Security","is_verified_owner":false,"slug":"dryrun-security-app","owner_login":"DryRunSecurity","resource_path":"/marketplace/dryrun-security-app","installation_count":146,"full_description":"Get an AI-powered Security Buddy on Your Next Pull Request\n\nWe’re in beta with a waitlist. Install now and we’ll notify you when we have your spot ready.\n\nDevelopers get stuck with security tools that are too noisy and too slow. We hate that.\n\nWe think:\n\n🦥 Security Code Reviews are too Slow\n\n🎯 Security Context is Missing\n\n🔮 Security Tools are too Confusing\n\nOur drop-in solution adds security context on every pull request, so you don’t have to be a security expert to do the\nright thing.\n","short_description":"Your AI-powered security buddy that uses contextual security analysis to reveal risky code changes","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/16736?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":16736,"state":6,"name":"DryRun Security","slug":"dryrun-security-app","short_description":"Your AI-powered security buddy that uses contextual security analysis to reveal risky code changes","full_description":"## Get an AI-powered Security Buddy on Your Next Pull Request\n\n> We’re in beta with a waitlist. Install now and we’ll notify you when we have your spot ready.\n\nDevelopers get stuck with security tools that are too noisy and too slow. We hate that. \n\nWe think:\n\n🦥 Security Code Reviews are too Slow\n\n🎯 Security Context is Missing\n\n🔮 Security Tools are too Confusing\n\nOur drop-in solution adds security context on every pull request, so you don’t have to be a security expert to do the right thing.","extended_description":"## Ditch the Noise, Get the Context\n\nUntil now, most security testing takes a generic approach that frustrates developers with repetitive alerts or inaccurate results (hello, we see you false positives).\n\nInstead we evaluate each pull request using Contextual Security Analysis, and it’s the model behind our AI-powered Security Buddy.\n\nYour security buddy checks for:\n\n✅ Authentication and Authorization \n✅ Sensitive Codepaths and Sensitive Functions\n✅ Authorship and Intent\n✅ Code Brittleness\n✅ and more…\n\n## Benefits and Perks\n\n#### Every Code Change Covered\nEvery change and pull request gets analyzed so developers get feedback in near real-time.\n\n#### Every Code Repository Protected\nWith every source code repository in your organization protected, you're limiting exposure to code mishaps and misadventures.\n\n#### Improved Developer Productivity\n\nImproves developer productivity through increasing the velocity of the development pipeline. ","primary_category_id":10,"secondary_category_id":6,"privacy_policy_url":"https://www.dryrun.security/privacy-policy","tos_url":"https://www.dryrun.security/terms-of-service","company_url":"https://dryrun.security","status_url":"","support_url":"https://app.dryrun.security/support","documentation_url":"","pricing_url":null,"bgcolor":"1A1825","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":0,"technical_email":"ken@dryrun.security","marketing_email":"hi@dryrun.security","finance_email":"billing@dryrun.security","direct_billing_enabled":false,"by_github":false,"security_email":"security@dryrun.security","listable_type":"Integration","listable_id":377039,"copilot_app":false}}},{"type":"marketplace_listing","id":"14937","state":"unverified","name":"InfieldAI","free":false,"primary_category":"Dependency management","secondary_category":"Security","is_verified_owner":false,"slug":"infieldai","owner_login":"infieldai","resource_path":"/marketplace/infieldai","installation_count":73,"full_description":"Drowning in open upgrade PRs?\n\nWe researched, parsed, and validated thousands of open source changelogs so you can upgrade quickly and safely.\n","short_description":"Upgrade dependencies safely and easily with Infield-verified changelogs","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/14937?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":14937,"state":6,"name":"InfieldAI","slug":"infieldai","short_description":"Upgrade dependencies safely and easily with Infield-verified changelogs","full_description":"### Drowning in open upgrade PRs? \nWe researched, parsed, and validated thousands of open source changelogs so you can upgrade quickly and safely.\n\n\n\n","extended_description":"### Upgrade safely\nWe've parsed the changelog, categorized the changes, and evaluated each change's potential to break your app. \n\n### Increase Visibility\nSort and filter your dependencies to see which ones are stale, abandoned, or high risk. \n\n### Minimize Toil\nMake your upgrade work more efficient with Infield's automatic changelog research and impact analysis.\n\nQuestions? Reach out to InfieldAI founders directly at [founders@infield.ai](founders@infield.ai).","primary_category_id":11,"secondary_category_id":6,"privacy_policy_url":"https://www.infield.ai/privacy","tos_url":"https://www.infield.ai/terms","company_url":"https://www.infield.ai/","status_url":"","support_url":"support@infield.ai","documentation_url":"","pricing_url":null,"bgcolor":"ffffff","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":3708,"technical_email":"steve@infield.ai","marketing_email":"andrew@infield.ai","finance_email":"allison@infield.ai","direct_billing_enabled":false,"by_github":false,"security_email":"steve@infield.ai","listable_type":"Integration","listable_id":300994,"copilot_app":false}}},{"type":"marketplace_listing","id":"13216","state":"unverified","name":"Access Tokens for GitHub Actions ","free":true,"primary_category":"Utilities","secondary_category":"Security","is_verified_owner":false,"slug":"access-manager-for-github-actions","owner_login":"qoomon","resource_path":"/marketplace/access-manager-for-github-actions","installation_count":72,"full_description":"A GitHub App to create access tokens on behalf of a GitHub Actions workflow run.\n","short_description":"This App create access tokens on behalf of a GitHub Actions","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/13216?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":13216,"state":6,"name":"Access Tokens for GitHub Actions ","slug":"access-manager-for-github-actions","short_description":"This App create access tokens on behalf of a GitHub Actions","full_description":"A GitHub App to create access tokens on behalf of a GitHub Actions workflow run.\n","extended_description":"see [GitHub Project](https://github.com/qoomon/github-actions-access-manager)","primary_category_id":29,"secondary_category_id":6,"privacy_policy_url":"https://github.com/qoomon/github-actions-access-manager/blob/main/PRIVACY_POLICY.md","tos_url":"","company_url":"","status_url":"","support_url":"https://github.com/qoomon/github-actions-access-manager/issues","documentation_url":"https://github.com/qoomon/github-actions-access-manager","pricing_url":null,"bgcolor":"ffffff","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":0,"technical_email":"qoo@qoomon.me","marketing_email":"qoo@qoomon.me","finance_email":"qoo@qoomon.me","direct_billing_enabled":false,"by_github":false,"security_email":"qoo@qoomon.me","listable_type":"Integration","listable_id":225539,"copilot_app":false}}},{"type":"marketplace_listing","id":"17829","state":"unverified","name":"Minder by Stacklok","free":true,"primary_category":"Security","secondary_category":"Code quality","is_verified_owner":false,"slug":"minder-by-stacklok","owner_login":"stacklok","resource_path":"/marketplace/minder-by-stacklok","installation_count":68,"full_description":"Minder by Stacklok is an open source and extensible platform that helps OSS maintainers and project owners consistently\nprotect their code repos, build pipelines, and artifacts from malicious attacks.\n","short_description":"An open source, extensible platform that helps you enforce security policies and settings across your GitHub organization","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/17829?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":17829,"state":6,"name":"Minder by Stacklok","slug":"minder-by-stacklok","short_description":"An open source, extensible platform that helps you enforce security policies and settings across your GitHub organization","full_description":"Minder by Stacklok is an open source and extensible platform that helps OSS maintainers and project owners consistently protect their code repos, build pipelines, and artifacts from malicious attacks.","extended_description":"# Minder Features\n\n### Repository configuration and security\n\nMost development teams have multiple repos—averaging 6x the number of developers. Minder helps you simplify configuration and management of security policies and settings across multiple project repos.\n\n### Proactive security enforcement\n\nContinuously enforce security best practices like secret scanning, branch protections, artifact signing and more by setting granular policies to alert or auto-remediate.\n\n### Artifact attestation\n\nMake sure your artifacts are tamper-proof by setting a policy to verify that all artifacts are signed using Sigstore, and display signature and verification status for those artifacts.\n\n### Dependency and license management\n\nManage your dependency security posture and supported licenses by helping developers make better choices and enforcing controls. Minder integrates with [Trusty](https://stacklok.com/trusty) to enable policy-driven management based on dependency risk level.","primary_category_id":6,"secondary_category_id":12,"privacy_policy_url":"https://www.iubenda.com/privacy-policy/85152077","tos_url":"","company_url":"https://stacklok.com/","status_url":"https://status.stacklok.com/","support_url":"https://docs.stacklok.com/minder/about/faq#how-do-i-get-support-for-minder","documentation_url":"https://docs.stacklok.com/minder/","pricing_url":null,"bgcolor":"ffffff","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":0,"technical_email":"info@stacklok.com","marketing_email":"marketing@stacklock.com","finance_email":"accountspayable@stacklok.com","direct_billing_enabled":false,"by_github":false,"security_email":"security@stacklok.com","listable_type":"Integration","listable_id":863270,"copilot_app":false}}},{"type":"marketplace_listing","id":"12891","state":"unverified","name":"Precaution","free":false,"primary_category":"Security","secondary_category":"Code review","is_verified_owner":true,"slug":"precaution","owner_login":"securesauce","resource_path":"/marketplace/precaution","installation_count":61,"full_description":"Precaution is a static application security testing (SAST) tool designed to tightly integrate into your GitHub\ndevelopment workflow. Each time a pull request is opened, Precaution runs its static analyzers on the code changes to\ndetect potential security vulnerabilities. Every effort is made to be as accurate as possible to avoid noisy false\npositives.\n","short_description":"Find and fix potential security vulnerabilities in your code","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/12891?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":12891,"state":6,"name":"Precaution","slug":"precaution","short_description":"Find and fix potential security vulnerabilities in your code","full_description":"Precaution is a static application security testing (SAST) tool designed to tightly integrate into your GitHub development workflow. Each time a pull request is opened, Precaution runs its static analyzers on the code changes to detect potential security vulnerabilities. Every effort is made to be as accurate as possible to avoid noisy false positives.","extended_description":"Precaution finds issues such as injection, weak hashes, clear text transmission of data, timing attacks, weak encryption, deserialization of untrusted data,improper certificate validation, and more.","primary_category_id":6,"secondary_category_id":10,"privacy_policy_url":"https://www.securesauce.dev/privacy","tos_url":"https://www.securesauce.dev/terms","company_url":"https://www.securesauce.dev/","status_url":"https://securesauce.github.io/status/","support_url":"support@securesauce.dev","documentation_url":"https://docs.securesauce.dev/","pricing_url":null,"bgcolor":"e4f2f5","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":3946,"technical_email":"technical@securesauce.dev","marketing_email":"marketing@securesauce.dev","finance_email":"finance@securesauce.dev","direct_billing_enabled":false,"by_github":false,"security_email":"security@securesauce.dev","listable_type":"Integration","listable_id":20394,"copilot_app":false}}},{"type":"marketplace_listing","id":"16726","state":"unverified","name":"Seal Security Bot","free":true,"primary_category":"Security","secondary_category":"Open Source management","is_verified_owner":true,"slug":"seal-security-bot","owner_login":"seal-community","resource_path":"/marketplace/seal-security-bot","installation_count":55,"full_description":"Seal helps you secure your application without enduring difficult upgrades. Using Seal Security s standalone security\npatches you can easily mitigate open-source vulnerabilities when a full version upgrade is impractical, thereby\neliminating the tradeoff between security and developer velocity.\n","short_description":"Seal helps you remediate open source vulnerabilities without enduring difficult upgrades","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/16726?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":16726,"state":6,"name":"Seal Security Bot","slug":"seal-security-bot","short_description":"Seal helps you remediate open source vulnerabilities without enduring difficult upgrades","full_description":"Seal helps you secure your application without enduring difficult upgrades. Using Seal Security's standalone security patches you can easily mitigate open-source vulnerabilities when a full version upgrade is impractical, thereby eliminating the tradeoff between security and developer velocity.","extended_description":"# The app\nOur app analyzes your dependencies and compares them to the OSV database. For each vulnerable package it offers a free ready-to-use tested vulnerability-free version made by our research team. Just register for free to our [artifact server](https://app.sealsecurity.io/?ref=ghm), and enjoy hassle-free security patches.\n\n## For developers\nSometimes a full upgrade just to fix a vulnerability is impractical, due to:\n* Breaking changes\n* Legacy codebases\n* Vulnerable transitive dependencies\n\nSeal offers an alternative. Access hundreds of tested [open source](https://github.com/seal-community/patches) patches and eliminate the hassle.\n\n## For security practitioners\nOS vulnerabilities pose a serious risk. Prioritization is useful but inaccurate, and dev teams are recalcitrant. At [Seal](https://seal.security) we make remediation easy.\n\nWith Seal you can achieve faster MTTR and ensure timely updates without compromising stability.\nScan and see which vulnerabilities you can fix today.","primary_category_id":6,"secondary_category_id":18,"privacy_policy_url":"https://www.seal.security/privacy","tos_url":"https://www.seal.security/terms","company_url":"https://www.seal.security/","status_url":"https://sealsecurity.statuspage.io/","support_url":"https://www.seal.security/","documentation_url":"https://docs.sealsecurity.io/","pricing_url":null,"bgcolor":"ffffff","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":4242,"technical_email":"github@sealsecurity.io","marketing_email":"marketings@sealsecurity.io","finance_email":"finance@sealsecurity.io","direct_billing_enabled":false,"by_github":false,"security_email":"security@sealsecurity.io","listable_type":"Integration","listable_id":422016,"copilot_app":false}}},{"type":"marketplace_listing","id":"15273","state":"unverified","name":"patched.codes","free":true,"primary_category":"AI Assisted","secondary_category":"Security","is_verified_owner":false,"slug":"patched-codes","owner_login":"patched-codes","resource_path":"/marketplace/patched-codes","installation_count":55,"full_description":"Deterministically automate PR reviews, bug fixing, security patching, and more using customizable prompts and your\npreferred LLMs.\n","short_description":"Open Source Agentic AI Workflows for DevOps","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/15273?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":15273,"state":6,"name":"patched.codes","slug":"patched-codes","short_description":"Open Source Agentic AI Workflows for DevOps","full_description":"Deterministically automate PR reviews, bug fixing, security patching, and more using customizable prompts and your preferred LLMs.","extended_description":"**Developer LESS, not developer FIRST.**\nAutomate chores and tasks so you there is less on your plate.\n\n**Stay in the Zone**\nNo IDE pop-ups that disrupt developer flows.\n\n**Privacy Pioritized**\nMinimum code access, pseudonymized for privacy.\n\n**Not another AI Company**\nMultiple code-checks for fully-vetted patches.","primary_category_id":39,"secondary_category_id":6,"privacy_policy_url":"https://patched.codes/privacy","tos_url":"https://patched.codes/terms","company_url":"https://patched.codes","status_url":"","support_url":"https://patched.codes/support","documentation_url":"https://docs.patched.codes/introduction","pricing_url":null,"bgcolor":"ffffff","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":0,"technical_email":"tech@patched.codes","marketing_email":"contact@patched.codes","finance_email":"contact@patched.codes","direct_billing_enabled":false,"by_github":false,"security_email":"tech@patched.codes","listable_type":"Integration","listable_id":298395,"copilot_app":false}}},{"type":"marketplace_listing","id":"16822","state":"unverified","name":"SAML.to","free":true,"primary_category":"Security","secondary_category":"Utilities","is_verified_owner":true,"slug":"saml-to","owner_login":"saml-to","resource_path":"/marketplace/saml-to","installation_count":39,"full_description":"SAML.to GitHub Application\n\nYou can use SAML.to to easily access your AWS Account (and any other providers that support SAML authentication!) on\nLaptops or in GitHub Actions.\n\nWith SAML.to:\n\n  - 🆔 Users can access AWS using their GitHub Identity\n  - 💻 Users can login to services via the Web or a Developer-friendly CLI\n  - 🔏 Access Control is managed with using YAML file in a GitHub Repository of your choice\n","short_description":"Developer Friendly AWS Role Assumption","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/16822?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":16822,"state":6,"name":"SAML.to","slug":"saml-to","short_description":"Developer Friendly AWS Role Assumption","full_description":"# SAML.to GitHub Application\n\nYou can use SAML.to to easily access your [AWS](https://aws.amazon.com) Account (and any other providers that support SAML authentication!) on Laptops or in GitHub Actions.\n\nWith SAML.to:\n - 🆔 Users can access AWS using their GitHub Identity\n - 💻 Users can login to services via the Web or a [Developer-friendly CLI](https://github.com/saml-to/cli)\n - 🔏 Access Control is managed with using YAML file in a GitHub Repository of your choice\n","extended_description":"### Replace Okta, JumpCloud, AWS SSO, or home-grown scripts to assume AWS roles.\n\n - Declarative Access Control Lists\n - Auditable Access Control\n - Command Line Interface\n\nFor more information, visit [SAML.to](https://saml.to).\n\n#### Command Line Interface\nUse the `saml-to` CLI assume roles on developer systems.\n\n```shell\nsaml-to login github\n\n$(saml-to assume [a-role-name-or-arn] --headless)\n\naws ec2 reboot-instances ...\n```\n\n#### GitHub Actions\nUse the `assume-aws-role-action` to assume roles during CI/CD.\n\n```yaml\nsteps:\n- uses: saml-to/assume-aws-role-action@v1\n  with:\n    role: a-role-name-or-arn\n- run: aws ecs deploy ...\n```\n\n#### GitHub Codespaces\nUse the `assume-aws-role` to assume roles in Codesapces.\n\n```json\n\"features\": {\n  \"ghcr.io/saml-to/devcontainer-features/assume-aws-role:1\": {\n    \"role\": \"a-role-name-or-arn\"\n  },\n}\n```","primary_category_id":6,"secondary_category_id":29,"privacy_policy_url":"https://saml.to/privacy","tos_url":"https://saml.to/terms","company_url":"https://saml.to","status_url":"","support_url":"https://saml.to/contact","documentation_url":"https://docs.saml.to/","pricing_url":null,"bgcolor":"ffffff","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":0,"technical_email":"help@saml.to","marketing_email":"marketing@saml.to","finance_email":"finance@saml.to","direct_billing_enabled":false,"by_github":false,"security_email":"security@saml.to","listable_type":"Integration","listable_id":141473,"copilot_app":false}}},{"type":"marketplace_listing","id":"13233","state":"unverified","name":"Threatrix","free":true,"primary_category":"Security","secondary_category":"Dependency management","is_verified_owner":true,"slug":"threatrix","owner_login":"threatrix","resource_path":"/marketplace/threatrix","installation_count":38,"full_description":"Graduate To Threatrix\n\nThreatrix is the first-to-market, cost-effective solution, providing continual license compliance and automated\nsecurity, allowing organizations to determine their exposure to open source risks with one solution. Actionable results\ndrive measurable reductions in risk, saving organizations developer time and costly remediation efforts for compliance\nteams.\n\nThreatrix provides hyper-accurate, audit quality results with its first-to-market technology.\n","short_description":"Audit quality, snippet level, open source security and license compliance in build-time with auto-remediation","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/13233?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":13233,"state":6,"name":"Threatrix","slug":"threatrix","short_description":"Audit quality, snippet level, open source security and license compliance in build-time with auto-remediation","full_description":"## Graduate To Threatrix\nThreatrix is the first-to-market, cost-effective solution, providing continual license compliance and automated security, allowing organizations to determine their exposure to open source risks with one solution. Actionable results drive measurable reductions in risk, saving organizations developer time and costly remediation efforts for compliance teams.\n\nThreatrix provides hyper-accurate, audit quality results with its first-to-market technology.","extended_description":"Nearly four years of research and development have culminated in the creation of our core technologies. Threatrix Origin Tracing technology ensures the most accurate open source match results producing immediately actionable data from build time scans.\n\nWith support for more than 400 languages and growing every day, Threatrix encompasses, by far, the broadest coverage of any tool in the market.\n\n### Continuous Security\nThreatrix continuously scans your repositories for security vulnerabilities and creates fix requests for the next or latest security versions of components.\n\n### Continuous Compliance\nThreatrix produces hyper-accurate results in minutes allowing your team to perform continuous triage of license issues to stay ahead of open source risks. VCs are using Threatrix to determine risks with their investments. Failing to comply with all of your open source licenses may kill your next funding round.\n\n","primary_category_id":6,"secondary_category_id":11,"privacy_policy_url":"https://threatrix.io/privacy","tos_url":"https://threatrix.io/terms","company_url":"https://threatrix.io/","status_url":"","support_url":"support@threatrix.io","documentation_url":"https://docs.threatrix.io/","pricing_url":null,"bgcolor":"ffffff","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":0,"technical_email":"john@threatrix.io","marketing_email":"kristen@threatrix.io","finance_email":"john@threatrix.io","direct_billing_enabled":false,"by_github":false,"security_email":"john@threatrix.io","listable_type":"Integration","listable_id":220916,"copilot_app":false}}},{"type":"marketplace_listing","id":"17028","state":"unverified","name":"Paraxial.io","free":true,"primary_category":"Security","secondary_category":null,"is_verified_owner":false,"slug":"paraxial-io","owner_login":"paraxialio","resource_path":"/marketplace/paraxial-io","installation_count":22,"full_description":"Paraxial.io secures Elixir and Phoenix applications. Check your code for security problems in CI/CD, get a full\ninventory of where your Elixir apps are running, and stop attacks at runtime.\n","short_description":"Detect security problems in your code. Get actionable security feedback and prevent new vulnerabilities","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/17028?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":17028,"state":6,"name":"Paraxial.io","slug":"paraxial-io","short_description":"Detect security problems in your code. Get actionable security feedback and prevent new vulnerabilities","full_description":"Paraxial.io secures Elixir and Phoenix applications. Check your code for security problems in CI/CD, get a full inventory of where your Elixir apps are running, and stop attacks at runtime. ","extended_description":"## Secure Code and Dependencies \n\nNew vulnerabilities can be introduced through a code change or new dependency. Paraxial.io automatically checks both, ensuring your application is secure. \n\n## Automated Code Review\n\nThe Paraxial.io Github App checks all new code changes for security problems, and provides detailed feedback on how to fix reported issues. \n\n## Feedback In Your PR\n\nYou do not have to go digging through CI logs to determine what security issue caused the build to fail. Get immediate, actionable feedback right in your PR.\n\n## Secure and Compliant \n\nParaxial.io checks for severe security issues (RCE, SQL injection) that result in data breaches. It also ensures a record of each scan is kept on the backend for compliance audits. (ex: SOC 2 Type I & II)\n\n\n\n\n","primary_category_id":6,"secondary_category_id":null,"privacy_policy_url":"https://paraxial.io/privacy","tos_url":"https://paraxial.io/terms","company_url":"https://paraxial.io/","status_url":"","support_url":"https://paraxial.io/","documentation_url":"https://hexdocs.pm/paraxial/getting_started.html","pricing_url":null,"bgcolor":"000","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":0,"technical_email":"michael@paraxial.io","marketing_email":"michael@paraxial.io","finance_email":"michael@paraxial.io","direct_billing_enabled":false,"by_github":false,"security_email":"michael@paraxial.io","listable_type":"Integration","listable_id":717041,"copilot_app":false}}}],"total":33,"total_pages":2},"categories":{"apps":[{"name":"API management","slug":"api-management","description_html":"<p>Structure your API infrastructure to enable various internet gateways to interact with your service.</p>\n"},{"name":"Backup Utilities","slug":"backup-utilities","description_html":"<p>Utilities providing periodic backups of your GitHub data</p>\n"},{"name":"Chat","slug":"chat","description_html":"<p>Bring GitHub into your conversations.</p>\n"},{"name":"Code quality","slug":"code-quality","description_html":"<p>Automate your code review with style, quality, security, and test‑coverage checks when you need them.</p>\n"},{"name":"Code review","slug":"code-review","description_html":"<p>Ensure your code meets quality standards and ship with confidence.</p>\n"},{"name":"Container CI","slug":"container-ci","description_html":"<p>Continuous integration for container applications.</p>\n"},{"name":"Continuous integration","slug":"continuous-integration","description_html":"<p>Automatically build and test your code as you push it to GitHub, preventing bugs from being deployed to production.</p>\n"},{"name":"Dependency management","slug":"dependency-management","description_html":"<p>Secure and manage your third-party dependencies.</p>\n"},{"name":"Deployment","slug":"deployment","description_html":"<p>Streamline your code deployment so you can focus on your product.</p>\n"},{"name":"Deployment Protection Rules","slug":"deployment-protection-rules","description_html":"<p>Enables custom protection rules to gate deployments with third-party services</p>\n"},{"name":"Game CI","slug":"game-ci","description_html":"<p>Tools for building a CI pipeline for game development</p>\n"},{"name":"IDEs","slug":"ides","description_html":"<p>Find the right interface to build, debug, and deploy your source code.</p>\n"},{"name":"Learning","slug":"learning","description_html":"<p>Get the skills you need to level up.</p>\n"},{"name":"Localization","slug":"localization","description_html":"<p>Extend your software's reach. Localize and translate continuously from GitHub.</p>\n"},{"name":"Mobile","slug":"mobile","description_html":"<p>Improve your workflow for the small screen.</p>\n"},{"name":"Mobile CI","slug":"mobile-ci","description_html":"<p>Continuous integration for Mobile applications</p>\n"},{"name":"Monitoring","slug":"monitoring","description_html":"<p>Monitor the impact of your code changes. Measure performance, track errors, and analyze your application.</p>\n"},{"name":"Project management","slug":"project-management","description_html":"<p>Organize, manage, and track your project with tools that build on top of issues and pull requests.</p>\n"},{"name":"Publishing","slug":"publishing","description_html":"<p>Get your site ready for production so you can get the word out.</p>\n"},{"name":"Recently added","slug":"recently-added","description_html":"<p>The latest tools that help you and your team build software better, together.</p>\n"},{"name":"Security","slug":"security","description_html":"<p>Find, fix, and prevent security vulnerabilities before they can be exploited.</p>\n"},{"name":"Support","slug":"support","description_html":"<p>Get your team and customers the help they need.</p>\n"},{"name":"Testing","slug":"testing","description_html":"<p>Eliminate bugs and ship with more confidence by adding these tools to your workflow.</p>\n"},{"name":"Utilities","slug":"utilities","description_html":"<p>Auxiliary tools to enhance your experience on GitHub</p>\n"}],"actions":[{"name":"API management","slug":"api-management","description_html":"<p>Structure your API infrastructure to enable various internet gateways to interact with your service.</p>\n"},{"name":"Backup Utilities","slug":"backup-utilities","description_html":"<p>Utilities providing periodic backups of your GitHub data</p>\n"},{"name":"Chat","slug":"chat","description_html":"<p>Bring GitHub into your conversations.</p>\n"},{"name":"Code quality","slug":"code-quality","description_html":"<p>Automate your code review with style, quality, security, and test‑coverage checks when you need them.</p>\n"},{"name":"Code review","slug":"code-review","description_html":"<p>Ensure your code meets quality standards and ship with confidence.</p>\n"},{"name":"Container CI","slug":"container-ci","description_html":"<p>Continuous integration for container applications.</p>\n"},{"name":"Continuous integration","slug":"continuous-integration","description_html":"<p>Automatically build and test your code as you push it to GitHub, preventing bugs from being deployed to production.</p>\n"},{"name":"Dependency management","slug":"dependency-management","description_html":"<p>Secure and manage your third-party dependencies.</p>\n"},{"name":"Deployment","slug":"deployment","description_html":"<p>Streamline your code deployment so you can focus on your product.</p>\n"},{"name":"Deployment Protection Rules","slug":"deployment-protection-rules","description_html":"<p>Enables custom protection rules to gate deployments with third-party services</p>\n"},{"name":"Game CI","slug":"game-ci","description_html":"<p>Tools for building a CI pipeline for game development</p>\n"},{"name":"GitHub Sponsors","slug":"github-sponsors","description_html":"<p>Tools to manage your <a href=\"https://github.com/sponsors\">GitHub Sponsors</a> community</p>\n"},{"name":"IDEs","slug":"ides","description_html":"<p>Find the right interface to build, debug, and deploy your source code.</p>\n"},{"name":"Learning","slug":"learning","description_html":"<p>Get the skills you need to level up.</p>\n"},{"name":"Localization","slug":"localization","description_html":"<p>Extend your software's reach. Localize and translate continuously from GitHub.</p>\n"},{"name":"Mobile","slug":"mobile","description_html":"<p>Improve your workflow for the small screen.</p>\n"},{"name":"Mobile CI","slug":"mobile-ci","description_html":"<p>Continuous integration for Mobile applications</p>\n"},{"name":"Monitoring","slug":"monitoring","description_html":"<p>Monitor the impact of your code changes. Measure performance, track errors, and analyze your application.</p>\n"},{"name":"Project management","slug":"project-management","description_html":"<p>Organize, manage, and track your project with tools that build on top of issues and pull requests.</p>\n"},{"name":"Publishing","slug":"publishing","description_html":"<p>Get your site ready for production so you can get the word out.</p>\n"},{"name":"Security","slug":"security","description_html":"<p>Find, fix, and prevent security vulnerabilities before they can be exploited.</p>\n"},{"name":"Support","slug":"support","description_html":"<p>Get your team and customers the help they need.</p>\n"},{"name":"Testing","slug":"testing","description_html":"<p>Eliminate bugs and ship with more confidence by adding these tools to your workflow.</p>\n"},{"name":"Utilities","slug":"utilities","description_html":"<p>Auxiliary tools to enhance your experience on GitHub</p>\n"}]}},"title":"Marketplace"}