We are Exhibiting at BlackHat Europe Virtually on December 14-17, 2022
Connect With UsNo matter how you sell Strobes, either as a standalone solution or as part of a larger service, it enables you to add greater value to your existing solutions so you can win new clients, generate upsells, and keep your customers.
At Strobes, you can judge our solutions by the company we keep. We work with our Technology Partners to integrate a consistently expanding set of data sources, classes, and categories — and to enhance our solutions so you can measure and manage risk better than ever before.
Strobes integrates a constantly expanding set of data sources and data classes/categories. This consists of your internal data combined with over a dozen sources of threat and exploits intelligence in order to measure risk and improve your risk posture.
open source web application security testing tool that helps developers identify vulnerabilities in web applications.The API uses JSON as the primary data format, and all API requests and responses are in JSON format.
Enables you to create a configuration between Veracode DAST and Strobes. The applications on Veracode will be imported as assets on Strobes and the vulnerabilities will be logged against the respective assets.
Trivy can be run from the command line, and it generates a report of its findings in text or JSON format.
The Triangulum Command Line Interface (Triangulum CLI) is a tool that enables you to run various scans depending on your requirements. Triangulum is the scanning engine used by Strobes.
Enables you to create a configuration between Blackduck and Strobes using which you can sync the data in your open source dependencies for security vulnerabilities and license compliance risks.
The JSON report will contain information about any potential bugs that SpotBugs identified in the code.
This endpoint accepts JSON-formatted payloads with your script as the content .
You can export the CLI Code results to a JSON or SARIF format file. When you export the results, you need to provide a name for the new file.
Semgrep can be run from the command line, and it generates a report of its findings in text or JSON format.
Enables you to create an SBOM of your code repositories.
Retire.js is a tool for identifying and reporting on JavaScript libraries that have known vulnerabilities. It can be run from the command line or as a Node.js module, and it generates a report of its findings in text, JSON, or HTML format.
The Qualys Cloud Platform includes a RESTful API that allows you to access and manipulate data within the platform programmatically. The API uses JSON as the primary data format, and all API requests and responses are in JSON format.
Using the Qualys API, third parties can integrate their own applications with Qualys cloud security and compliance solutions using an extensible XML interface.
A simple tool for parsing output from OpenSCAP and converting it to JSON.
The JSON report will contain information about any vulnerabilities that were identified in the packages that the project depends on, as well as recommendations for how to fix the vulnerabilities.
JSON files are less cluttered and easy-to-read. Collaborating JSON files with Node.js makes it simple to ensure that the information can be easily accessed by the users.
You can automatically configure and deploy Nessus scanners using environment variables or a configuration JSON file
API to generate JSON Report.
Enables you to create a configuration between Microsoft Teams and Strobes. This configuration can be used to send notifications to Teams when certain actions are triggered or completed.
Enables you to create a configuration between JFrog and Strobes using which you can sync the data in your open source dependencies for security vulnerabilities and license compliance risks.
HuskyCI is a cloud-based, continuous integration and delivery (CI/CD) platform that enables developers to build, test, and deploy their code quickly and reliably. The API uses JSON as the primary data format, and all API requests and responses are in JSON format.
Enables you to sync vulnerabilities between Hackerone and Strobes. The assets defined under scope on Hackerone will be created as assets on Strobes and the vulnerabilities will be logged against the respective assets.
It can be run from the command line, and it generates a report of its findings in text, JSON, or HTML format
Enables you to create a configuration between your Github Repositories and Strobes.
You can output the scan results in JSON and CSV and formats for consumption in other reporting tools and frameworks.
The method writes unvalidated input into JSON. This call could allow an attacker to inject arbitrary elements or attributes into the JSON entity.
ESLint can be configured using a configuration file, which specifies the rules that ESLint should follow when linting your code. The configuration file can be in JSON or JavaScript format.
Configured to generate a JSON report of the scan results.
Open source vulnerability management tool that helps organizations track and prioritize vulnerabilities and manage remediation efforts. Defect Dojo API uses JSON as the primary data format, and all API requests and responses are in JSON format.
Open source static code analysis tool for identifying security vulnerabilities in Ruby, Python, and Java applications. The JSON report will contain information about any security vulnerabilities that Dawnscanner identified in the code.
Actionable vulnerability reports. You can download useful scan reports in PDF, JSON/XML, and CSV and easily share them with team members, executives, and clients.
CodeQL is a semantic code analysis platform that enables developers to identify and fix vulnerabilities and other security issues in their source code.
Open source tool for static analysis of vulnerabilities in container images. The API uses JSON as the primary data format, and all API requests and responses are in JSON format.
Is a simple ruby script for parsing the XML generated output from Burp Scanner results
Enables Burp to decode and manipulate JSON web tokens.
Package manager for the Ruby programming language. The JSON report will contain information about any vulnerabilities that were identified in the gems that the project depends on, as well as recommendations for how to fix the vulnerabilities.
This will output JSON with two lists: one of fixed warnings and one of new warnings. By default, Brakeman pages output to the terminal with the less pager.
Enables you to create a configuration between your Bitbucket Repositories and Strobes.
JSON-based format for the storage and transmission of security-related data. It is designed to be easy to use, secure, and efficient.
Arachni is an open source web application security scanner that helps developers identify vulnerabilities in web applications. It can be run from the command line or used as a library, and it generates a report of its findings in text, HTML, or JSON format.
Aqua is a provider of cloud-native security solutions for protecting container-based and cloud-native applications. The API uses JSON as the primary data format, and all API requests and responses are in JSON format.
The JSON report will contain information about any vulnerabilities that AppSpider identified in the web application.
An easy-to-integrate open source vulnerability scanning tool for container images and filesystems
Anchore Engine is an open-source project that provides a centralized service for inspection, analysis, and certification of container images.
Fully managed Docker container registry that makes it easy to store, share, and deploy container images.
Automatically integrates with a developer's workflow
Sonar Cloud is a SAST scanner which examines your code to identify vulnerabilities.
Semgrep is a SAST tool which examines your code to identify vulnerabilities.
Reconx lets you discover your assets which are exposed over the internet.
Rapid7 Insight VM Scanner is an infrastructure which scans your network assets to identify vulnerabilities.
Sync Rapid7 Insight VM Sites and Asset Groups with Strobes.
Enables you to sync assets and vulnerabilities between Rapid7 Insight Platform API and Strobes.
A SAST scanner which examines the code of your PHP applications to identify vulnerabilities.
Records all your global internet assets & reduces your mean time to inventory (MTTI)
Fast and customizable vulnerability scanner based on simple YAML based DSL.
MobSF is a SAST tool which examines your APK or IPA files code to identify vulnerabilities.
Enables you to import vulnerabilities which have been entered in the CSV format which Strobes provides. Using this you can import multiple vulnerabilities at once and they all will be logged against the respective assets mentioned in the CSV file.
Enables you to Onboard assets of your organization onto Strobes. Strobes provides a specific CSV format using which you can import all your assets.
Enables you to sync assets and vulnerabilities between Fortify (SAST, DAST scans) and Strobes.
Enables you to integrate CloudSploit with Strobes and then schedule and run scans from Strobes to detect security and configuration issues across AWS, Azure and GCP.
Cloud Raxak automates security and ensures compliance across public and private clouds.
Enables you to sync sites and vulnerabilities between Burp Enterprise and Strobes. Sites are imported as assets and the vulnerabilities from the scans on those sites are logged against the respective sites.
HCL AppScan SAST scanner examines your source code to identify potential vulnerabilities.
HCL AppScan DAST scanner tests applications and APIs against potential vulnerabilities while applications are running.
Web vulnerability solution are designed to be a part of complex environments
Enables you to sync repos and vulnerabilities between Github Dependabot and Strobes. Repos will be onboarded as Assets and the vulnerabilities will be logged against the respective repos.
Enables you to upload different types of files onto Strobes.
Enables you to create a configuration between your SVN Repositories and Strobes.
Enables you to create a configuration with your SMTP server. This configuration can be used to send emails to the recipient list which you have configured during the setup when certain actions are triggered or completed.
Sync Nexpose Sites and Asset Groups with Strobes
Anchore is an SBOM powered software supply chain management solution.
Enables you to directly import the reports generated from Qualys scans. The target is imported as an asset and the vulnerabilities imported are logged against that asset.
Enables you to directly import the reports generated from Nexpose scans. The target is imported as an asset and the vulnerabilities imported are logged against that asset.
Sonar Qube is a SAST scanner which examines your Java, Php, C, C++, C#, Python and JS code to identify vulnerabilities.
A SAST scanner which examines the code of your node.js applications to identify vulnerabilities.
Gosec is a SAST scanner which examines Go lang code for vulnerabilities.
FlawFinder is a SAST scanner which examines C/C++ source code and reports possible security weaknesses sorted by risk level.
ESLint is a static code analysis tool for identifying problematic patterns found in JavaScript code.
Enables you to identify if the dependencies you use contain any vulnerabilities.
Brakeman is a vulnerability scanner which statically analyzes Rails application code to find security issues.
Bandit is a tool designed to find common security issues in Python code.
Appknox SAST has 36 test cases which can be used to analyze your source code.
Spotbugs is a SAST scanner which examines your Java code to identify vulnerabilities.
Enables you to initiate scans on your running Burp instance through Strobes using the Burp Suite's REST API.
Enables you to setup a configuration on Strobes to retrieve the docker images in your registry.
Enables you to create a configuration between your Git Repositories and Strobes.
Enables you to onboard any of the services like EC2, RDS, etc from AWS onto Strobes as Assets.
Enables you to import your assets from Nessus onto Strobes.
Enables you to sync Bugzilla and Strobes.
Enables you to establish a 2-way sync between Jira and Strobes.
Enables you to directly import the reports generated from Nessus scans. The target is imported as an asset and the vulnerabilities imported are logged against that asset.
Enables you to directly import the XML reports generated from Burp scans. The target is imported as an asset and the vulnerabilities imported are logged against that asset.
Enables you to create a configuration between Flock and Strobes. This configuration can be used to send notifications to Flock when certain actions are triggered or completed.
Enables you to create a configuration between Slack and Strobes. This configuration can be used to send notifications to Slack when certain actions are triggered or completed.
Trivy scans container images to identify vulnerabilities.
Enables you to integrate Cloudmapper with Strobes and then schedule and run scans from Strobes on your AWS environment to detect potential misconfigurations.
A Cloud scanner which scans your AWS environment to identify misconfigurations.
Rapid7 Nexpose Scanner is an infrastructure which scans your network assets to identify vulnerabilities.
Nessus is an infrastructure which scans your network assets to identify vulnerabilities.
ZAP Rest API Scanner scans your API collections to identify vulnerabilities.
GTM Advisor
Let’s achieve mutual success with a structured program and clear expectations, making it easy to deliver Strobes solutions to our joint customers.
