Discover +93 AI Security apps & tools

  • Pros: Automated discovery and enumeration of MCP endpoints. Detects sensitive data exposure in context and resource definitions. CLI integration for inclusion in CI/CD pipelines. Open-source codebase allows inspection and contribution.

    Cons: Does not automatically remediate identified security issues. Requires a modern Node.js runtime to execute. Scans only endpoints reachable over the network. Narrow scope limited to MCP-standard deployments.

  • Pros: Exposes security checks as standard MCP tools for native client calls. Detects embedded secrets and flags PII before model processing. Open-source architecture enables adding modules and integrations. Configurable security policies to tailor violation thresholds.

    Cons: Malware scanning relies on third-party API keys such as VirusTotal. Requires hosting and maintaining a Python-based server. External scan accuracy depends on integrated service responses.

  • Pros: Executes Python and JavaScript/Node.js scripts for agent workflows. Configurable resource limits prevent runaway processes and excessive memory use. Open-source code base allows community auditing of sandbox mechanisms. Integrates with MCP clients via standard mcp_config.json configuration.

    Cons: Requires a Node.js runtime and MCP-compatible client to run. Language support focused on scripting runtimes, primarily Python and JavaScript. Local server setup and configuration require developer knowledge.

  • Pros: Detects prompt injection using a dedicated detection module. Blocks sophisticated jailbreak attempts before they reach the model. Integrates with Model Context Protocol hosts such as Claude Desktop. Open-source codebase enables community review and audits.

    Cons: Requires an MCP-compliant host to function, not standalone. Needs a Node.js runtime and operational hosting. Detection depends on known-pattern library and ongoing rule tuning.

  • Pros: Runs untrusted model-generated code inside isolated sandboxes. Lets developers define granular filesystem boundaries and permissions. MCP compatibility enables use with clients such as Claude Desktop. Open-source codebase allows community auditing and custom extensions.

    Cons: Effectiveness depends on correct and complete policy configuration. Requires Node.js and an MCP client for deployment. Monitoring requires active review to interpret agent actions.

  • Pros: Exposes disassembly and hex dumps for model consumption. Extracts strings and metadata from ELF and PE files. Implements a standardized MCP toolset for dynamic calls. Open-source codebase that teams can inspect and extend.

    Cons: Requires an MCP-compatible host application to operate. Outputs are raw artifacts and need human validation. Relies on a Python runtime for the server component. Focused on executables; not a general-purpose file inspector.

  • Pros: Uses Semgrep SAST to identify pattern-based vulnerabilities. Integrates with MCP clients for inline assistant-session checks. Open-source and extensible for custom security rules. Designed for local execution to preserve code privacy.

    Cons: Requires an MCP host and a Node.js runtime to operate. Limited to static analysis; cannot detect runtime faults. Depends on MCP-enabled clients such as Claude Desktop for integration.

  • Pros: Aggregates NVD, CISA KEV, and ExploitDB into a single queryable interface. Provides direct access to exploit source code and technical briefs. Supports stdio and Streamable HTTP transports for flexible deployments. Automates pentesting report generation from CVE-specific findings.

    Cons: Requires an Exploitintel API key for full intelligence access. Deployment expects Node.js or Docker, demanding technical setup. Findings that affect remediation still require expert validation.

  • Pros: Dependency graph maps secrets, projects, and deployments visually. Zero-knowledge encryption encrypts data on-device before synchronization. Incident feed matches alerts to stored credentials for faster response.

    Cons: Team collaboration features remain in beta. Requires Model Context Protocol environments for agent integration. The server never sees unencrypted data, limiting server-side recovery options.

  • Pros: Aggregates Checkov, tfsec, and Terrascan into one report. Provides AI-driven remediation suggestions using LLMs. Distributed as a single binary with no external dependencies. Exports JSON and Markdown for pipeline integration.

    Cons: AI features require an external API key and provider access. Generated remediation proposals need human validation for sensitive changes. Requires Terraform installed on the host system. ASCII diagrams are basic for complex architectures.

  • Pros: Native Model Context Protocol integration for direct MCP compatibility. Built-in TLS encryption for client-to-bridge transport. Prometheus metrics and OpenTelemetry support for monitoring. Automatic SBOM generation and integrity checks for supply-chain traceability.

    Cons: Geared toward technical users; needs familiarity with server tooling. Optional Acuvity policing integration links traffic to the Acuvity platform. All-in-one mode centralizes processes, reducing process separation.

  • Pros: Records baseline project state for reliable change detection. Requires explicit user approval for AI-originated actions. Integrates natively with Model Context Protocol clients. Operates locally for core monitoring and approvals.

    Cons: Requires MCP-compatible clients and Node.js environments. High security level can slow fast prototyping workflows. Targeted at early-adopter MCP users rather than general IDE plugins. Cloud features are optional; core functions are local-only.

  • Pros: Real-time JSON-RPC interception and visualization. Latency profiling and token-usage estimation for diagnostics. Supports stdio, Streamable HTTP, WebSocket, HTTP/SSE transports. Session recording and playback for post-mortem analysis.

    Cons: Interpreting raw JSON-RPC requires developer expertise during audits. Specialized to MCP workflows, not applicable outside MCP environments.

  • Pros: Maintains persistent operation memory across testing sessions. Captures terminal output, screenshots, and logs as evidence. Acts as an MCP server to connect models with local tools. Open-source code allows auditing and custom extensions.

    Cons: Requires Node.js and an MCP-compatible client for deployment. Connected language models typically need internet unless local. Designed for CLI-first professionals, less suited for GUI users. Local evidence storage requires deliberate data hygiene practices.

  • Pros: Uses the host operating system CSPRNG for cryptographic randomness. Returns machine-readable JSON with security metadata for agents. Produces entropy bits and NIST SP 800-63 verification flags. Stateless operation; does not retain generated secrets.

    Cons: Requires an MCP host and Node.js runtime for deployment. Designed for agent workflows, not a human password manager. Crack-time estimates depend on attacker-profile assumptions.

  • Pros: MCP-native server supplies TLS context to AI agents and IDEs. Rust implementation reduces memory faults during cryptographic processing. PFX to PEM conversion plus CSR generation for PKI tasks. Optional HashiCorp Vault integration for enterprise PKI workflows.

    Cons: Command-line and server orientation requires configuration effort. OCSP-based revocation checks depend on responder and network availability. MCP server mode needs IDE or agent configuration to expose context.

  • Pros: Detects missing headers and incorrect content types in MCP OAuth flows. Produces reproducible evidence bundles for debugging and auditing. Optional LLM explanations translate RFC compliance gaps into readable text.

    Cons: Command-line interface requires HTTP trace literacy from users. LLM explanations are interpretive and need independent verification. Installation needs Go toolchain or Docker environment.

  • Pros: Deny-by-default model prevents unauthorized tool calls. Drift detection flags unexpected server-side schema changes. Machine-readable audit logs support compliance and forensics. Supports OAuth 2.1 JWT validation for agent identity.

    Cons: Requires MCP-compliant environment and Node.js runtime. Integration needed with external identity providers for JWTs. Budget-capped sessions constrain long-running experiments.

  • Pros: Cryptographic signatures make receipts tamper-evident. Signing daemon keeps private keys separate from agents. SDKs for Python, TypeScript, and Go ease integration. Local database plus dashboard enables on-host verification.

    Cons: Requires MCP-compatible workflows for seamless integration. Local-first storage increases host management and backup duties. Ecosystem tooling concentrated among early MCP adopters.