Best AI tools for< Automate Security Workflows >

AppSec Assistant is an AI-powered application designed to provide automated security recommendations in Jira Cloud. It focuses on ensuring data security by enabling secure-by-design software development. The tool simplifies setup by allowing users to add their OpenAI API key and organization, encrypts and stores data using Atlassian's Storage API, and provides tailored security recommendations for each ticket to reduce manual AppSec reviews. AppSec Assistant empowers developers by keeping up with their pace and helps in easing the security review bottleneck.

Abnormal AI is an email security platform that provides comprehensive protection against email attacks exploiting human behavior, such as phishing and social engineering. The platform deeply understands human behavior through AI-native solutions and API-based architecture. Abnormal Security offers products to secure cloud email, increase productivity with AI, prevent SaaS application attacks, and protect cloud infrastructure. The platform leverages behavioral AI detection, multi-dimensional defense, and human behavior modeling to deliver uniform protection across various communication channels and cloud ecosystems.

Tracecat is an open-source security automation platform that helps you automate security alerts, build AI-assisted workflows, orchestrate alerts, and close cases fast. It is a Tines / Splunk SOAR alternative that is built for builders and allows you to experiment for free. You can deploy Tracecat on your own infrastructure or use Tracecat Cloud with no maintenance overhead. Tracecat is Apache-2.0 licensed, which means it is open vision, open community, and open development. You can have your say in the future of security automation. Tracecat is no-code first, but you can also code as well. You can build automations fast with no-code and customize without vendor lock-in using Python. Tracecat has a click-and-drag workflow builder that allows you to automate SecOps using pre-built actions (API calls, webhooks, data transforms, AI tasks, and more) combined into workflows. No code is required. Tracecat also has a built-in case management system that allows you to open cases directly from workflows and track and manage security incidents all in one platform.

Risotto is an AI help desk application designed to streamline IT support processes. It offers features such as automatic ticket creation, routing, workflows, and escalations, as well as integrations with popular knowledge stores. Risotto aims to enhance security, improve employee experience, and save time and money by automating access requests and providing 24/7 support. The application leverages AI to provide fast responses, reduce support overhead, and handle access requests through natural language, ultimately making IT teams more efficient and effective.

n8n is a powerful workflow automation software and tools that offer advanced AI capabilities. It is a popular platform for technical teams to automate workflows, integrate various services, and build autonomous agents. With over 400 integrations, n8n enables users to save time, streamline operations, and enhance security through AI-driven processes. The tool supports self-hosting, external libraries, and offers enterprise-ready solutions for scaling operations. n8n empowers users to code iteratively, explore advanced AI features, and create complex workflows with ease.

n8n is a powerful workflow automation software and tool that offers advanced AI capabilities. It is a popular platform for technical teams to automate workflows, integrate various services, and build autonomous agents. With over 400 integrations, n8n enables users to save time, streamline operations, and enhance security through AI-powered solutions. The tool supports self-hosting, external libraries, and a user-friendly interface for both coding and non-coding users.

Odin AI is a comprehensive AI platform that offers a range of tools and features to simplify and automate various tasks. It provides solutions for brand compliance, custom templates, guardrails, knowledge graph, model fine-tuning, conversational AI, task automation, meeting note-taking, chatbot building, and more. Odin AI aims to enhance productivity, streamline workflows, and improve decision-making across different industries and use cases.

Procys is a document processing platform powered by AI that offers solutions for various document-related tasks. It features a self-learning engine for efficient document processing, seamless integration with over 260 apps, OCR API powered by AI for optical character recognition, customized data extraction capabilities, and AI autosplit for automatic document splitting. Procys caters to different use cases such as invoice OCR, ID card OCR, receipt OCR, and account payable automation. The platform ensures data security as a top priority and provides enterprise-grade security and compliance solutions.

Hoop.dev is an AI-powered application that provides live data masking in Rails console sessions. It offers shielded Rails console access, automated employee onboarding and off-boarding, and AI data masking to protect sensitive information. The application allows for passwordless authentication via Google SSO with MFA, auditability of console operations, and compliance with various security controls and regulations. Hoop.dev aims to streamline Rails console operations, reduce manual workflows, and enhance security measures for user convenience and data protection.

Kindo is an AI-powered platform designed for DevSecOps teams to automate tasks, write doctrine, and orchestrate infrastructure responses. It offers AI-powered Runbook automations to streamline workflows, automate tedious tasks, and enhance security controls. Kindo enables users to offload time-consuming tasks to AI Agents, prioritize critical tasks, and monitor AI-related activities for compliance and informed decision-making. The platform provides a comprehensive vantage point for modern infrastructure defense and instrumentation, allowing users to create repeatable processes, automate vulnerability assessment and remediation, and secure multi-cloud IAM configurations.

Drata is a security and compliance automation platform that continuously monitors and collects evidence of a company's security controls, while streamlining workflows to ensure audit-readiness. It automates evidence collection, control monitoring, and risk management, saving companies time and resources. Drata also provides a centralized platform for managing compliance across multiple frameworks, including SOC 2, ISO 27001, HIPAA, and GDPR.

Gradient is an AI automation platform designed specifically for enterprise AI purposes. It offers a seamless way to automate manual workflows with minimal effort, providing business intuition and industry expertise. The platform ensures unmatched compliance with various regulations and prioritizes privacy and security. Gradient's Agent Foundry enables users to automate tasks, integrate data, and optimize workflows efficiently, making it a valuable tool for modern enterprises.

GitLab is a comprehensive AI-powered DevSecOps platform that balances speed and security in a single platform. It automates software delivery, boosts productivity, and secures the end-to-end software supply chain. GitLab simplifies the toolchain by providing all essential DevSecOps tools in one place, accelerates software delivery through automation and AI-powered workflows, and integrates security seamlessly. It allows users to deploy anywhere without cloud vendor lock-in, offering value stream management, analytics, and insights to accelerate coding. GitLab is trusted by industry leaders for building mission-critical software and is recognized as a Leader in DevOps Platforms by various industry analysts.

Respell is an advanced Agentic AI Workflow platform that leverages cutting-edge AI models from various providers like OpenAI, Anthropic, Cohere, and open source. It offers AI automation for business workflows, providing custom-built agents for research, phone calls, integrations, and more. Users can connect Respell with popular platforms, analyze data with AI, and automate tasks without the need for coding. The platform ensures enterprise security with SOC II compliance and offers features like human-in-the-loop functionality, all-in-one platform for AI workflows, and AI efficiency across organizations.

Pulumi is an AI-powered infrastructure as code tool that allows engineers to manage cloud infrastructure using various programming languages like Node.js, Python, Go, .NET, Java, and YAML. It offers features such as generative AI-powered cloud management, security enforcement through policies, automated deployment workflows, asset management, compliance remediation, and AI insights over the cloud. Pulumi helps teams provision, automate, and evolve cloud infrastructure, centralize and secure secrets management, and gain security, compliance, and cost insights across all cloud assets.

Tavrn is an AI-powered platform that offers high-accuracy medical record chronologies for attorneys in a matter of hours. The platform utilizes cutting-edge AI technology to process hundreds of pages of medical records quickly and efficiently. Tavrn aims to reduce the burden of medical chronology costs for law firms, allowing lawyers to focus on advocating for their clients. With features like advanced Optical Character Recognition, enterprise-ready security, live support, and custom workflows, Tavrn provides a secure and high-tech solution for legal professionals to streamline their workflows and enhance case management efficiency.

The FileAI website offers an AI-powered file reading assistant that specializes in data extraction from structured documents like financial statements, legal documents, and research papers. It automates tasks related to legal and compliance review, finance and accounting report preparation, and research and academia support. The tool aims to streamline document processing, enhance learning processes, and improve research efficiency. With features like summarizing complex texts, extracting key information, and detecting plagiarism, FileAI caters to users in various industries and educational fields. The platform prioritizes data security and user privacy, ensuring that data is used solely for its intended purpose and deleted after 7 days of non-use.

GitHub is a collaborative platform for building and shipping software that offers various features such as GitHub Copilot for AI-powered coding assistance, security tools for finding and fixing vulnerabilities, automation of workflows, instant development environments, project management, code review, and collaboration tools. It aims to simplify the software development process and improve developer productivity by leveraging AI technology.

ContractPodAi is an AI-driven contract management solution designed exclusively for legal and compliance use cases. It offers enterprise-grade GenAI models fine-tuned for legal tasks, modern AI-powered contract management solutions, and automation of legal requests from start to finish. The platform aims to save time, reduce errors, and unlock new insights by leveraging the power of Generative AI. ContractPodAi provides a comprehensive suite of features and solutions for various industries and departments, enabling users to streamline their workflows, enhance data security, and centralize contract and legal document management.

MarkovML is an AI application that empowers enterprises to transform knowledge work with AI. It offers a no-code platform to create custom workflows, build GenAI applications, and perform automated exploratory data analysis. The application provides AI-driven solutions for EdTech, recruiting, and finance operations. Users can access insights, trends, and machine learning resources through the blog and share data insights with peers. MarkovML ensures data security, traceability, and encryption, and offers integrations with various data sources for unified access and reuse.

Admyral is an open-source Cybersecurity Automation & Investigation Assistant that provides a unified console for investigations and incident handling, workflow automation creation, automatic alert investigation, and next step suggestions for analysts. It aims to tackle alert fatigue and automate security workflows effectively by offering features like workflow actions, AI actions, case management, alert handling, and more. Admyral combines security automation and case management to streamline incident response processes and improve overall security posture. The tool is open-source, transparent, and community-driven, allowing users to self-host, contribute, and collaborate on integrations and features.

AIShield Watchtower is a tool designed to fortify the security of AI/ML models and Jupyter notebooks by automating model and notebook discoveries, conducting vulnerability scans, and categorizing risks into 'low,' 'medium,' 'high,' and 'critical' levels. It supports scanning of public GitHub repositories, Hugging Face repositories, AWS S3 buckets, and local systems. The tool generates comprehensive reports, offers a user-friendly interface, and aligns with industry standards like OWASP, MITRE, and CWE. It aims to address the security blind spots surrounding Jupyter notebooks and AI models, providing organizations with a tailored approach to enhancing their security efforts.

The repository 'Awesome-LLM4Cybersecurity' provides a comprehensive overview of the applications of Large Language Models (LLMs) in cybersecurity. It includes a systematic literature review covering topics such as constructing cybersecurity-oriented domain LLMs, potential applications of LLMs in cybersecurity, and research directions in the field. The repository analyzes various benchmarks, datasets, and applications of LLMs in cybersecurity tasks like threat intelligence, fuzzing, vulnerabilities detection, insecure code generation, program repair, anomaly detection, and LLM-assisted attacks.

PatchWork is an open-source framework designed for automating development tasks using large language models. It enables users to automate workflows such as PR reviews, bug fixing, security patching, and more through a self-hosted CLI agent and preferred LLMs. The framework consists of reusable atomic actions called Steps, customizable LLM prompts known as Prompt Templates, and LLM-assisted automations called Patchflows. Users can run Patchflows locally in their CLI/IDE or as part of CI/CD pipelines. PatchWork offers predefined patchflows like AutoFix, PRReview, GenerateREADME, DependencyUpgrade, and ResolveIssue, with the flexibility to create custom patchflows. Prompt templates are used to pass queries to LLMs and can be customized. Contributions to new patchflows, steps, and the core framework are encouraged, with chat assistants available to aid in the process. The roadmap includes expanding the patchflow library, introducing a debugger and validation module, supporting large-scale code embeddings, parallelization, fine-tuned models, and an open-source GUI. PatchWork is licensed under AGPL-3.0 terms, while custom patchflows and steps can be shared using the Apache-2.0 licensed patchwork template repository.

Tracecat is an open-source automation platform for security teams. It's designed to be simple but powerful, with a focus on AI features and a practitioner-obsessed UI/UX. Tracecat can be used to automate a variety of tasks, including phishing email investigation, evidence collection, and remediation plan generation.

ByteChef is an open-source, low-code, extendable API integration and workflow automation platform. It provides an intuitive UI Workflow Editor, event-driven & scheduled workflows, multiple flow controls, built-in code editor supporting Java, JavaScript, Python, and Ruby, rich component ecosystem, extendable with custom connectors, AI-ready with built-in AI components, developer-ready to expose workflows as APIs, version control friendly, self-hosted, scalable, and resilient. It allows users to build and visualize workflows, automate tasks across SaaS apps, internal APIs, and databases, and handle millions of workflows with high availability and fault tolerance.

Concierge is a versatile automation tool designed to streamline repetitive tasks and workflows. It provides a user-friendly interface for creating custom automation scripts without the need for extensive coding knowledge. With Concierge, users can automate various tasks across different platforms and applications, increasing efficiency and productivity. The tool offers a wide range of pre-built automation templates and allows users to customize and schedule their automation processes. Concierge is suitable for individuals and businesses looking to automate routine tasks and improve overall workflow efficiency.

Nous is an open-source TypeScript platform for autonomous AI agents and LLM based workflows. It aims to automate processes, support requests, review code, assist with refactorings, and more. The platform supports various integrations, multiple LLMs/services, CLI and web interface, human-in-the-loop interactions, flexible deployment options, observability with OpenTelemetry tracing, and specific agents for code editing, software engineering, and code review. It offers advanced features like reasoning/planning, memory and function call history, hierarchical task decomposition, and control-loop function calling options. Nous is designed to be a flexible platform for the TypeScript community to expand and support different use cases and integrations.

Sophia is an open-source TypeScript platform designed for autonomous AI agents and LLM based workflows. It aims to automate processes, review code, assist with refactorings, and support various integrations. The platform offers features like advanced autonomous agents, reasoning/planning inspired by Google's Self-Discover paper, memory and function call history, adaptive iterative planning, and more. Sophia supports multiple LLMs/services, CLI and web interface, human-in-the-loop interactions, flexible deployment options, observability with OpenTelemetry tracing, and specific agents for code editing, software engineering, and code review. It provides a flexible platform for the TypeScript community to expand and support various use cases and integrations.

OpenAdapt is an open-source software adapter between Large Multimodal Models (LMMs) and traditional desktop and web Graphical User Interfaces (GUIs). It aims to automate repetitive GUI workflows by leveraging the power of LMMs. OpenAdapt records user input and screenshots, converts them into tokenized format, and generates synthetic input via transformer model completions. It also analyzes recordings to generate task trees and replay synthetic input to complete tasks. OpenAdapt is model agnostic and generates prompts automatically by learning from human demonstration, ensuring that agents are grounded in existing processes and mitigating hallucinations. It works with all types of desktop GUIs, including virtualized and web, and is open source under the MIT license.

LionAGI is a powerful intelligent workflow automation framework that introduces advanced ML models into any existing workflows and data infrastructure. It can interact with almost any model, run interactions in parallel for most models, produce structured pydantic outputs with flexible usage, automate workflow via graph based agents, use advanced prompting techniques, and more. LionAGI aims to provide a centralized agent-managed framework for "ML-powered tools coordination" and to dramatically lower the barrier of entries for creating use-case/domain specific tools. It is designed to be asynchronous only and requires Python 3.10 or higher.

Labelbox is a data-centric AI platform for enterprises to develop, optimize, and use AI to solve problems and power new products and services. Enterprises use Labelbox to curate data, generate high-quality human feedback data for computer vision and LLMs, evaluate model performance, and automate tasks by combining AI and human-centric workflows. The academic & research community uses Labelbox for cutting-edge AI research.

Hercules is the world’s first open-source testing agent designed to handle the toughest testing tasks for modern web applications. It turns simple Gherkin steps into fully automated end-to-end tests, making testing simple, reliable, and efficient. Hercules adapts to various platforms like Salesforce and is suitable for CI/CD pipelines. It aims to democratize and disrupt test automation, making top-tier testing accessible to everyone. The tool is transparent, reliable, and community-driven, empowering teams to deliver better software. Hercules offers multiple ways to get started, including using PyPI package, Docker, or building and running from source code. It supports various AI models, provides detailed installation and usage instructions, and integrates with Nuclei for security testing and WCAG for accessibility testing. The tool is production-ready, open core, and open source, with plans for enhanced LLM support, advanced tooling, improved DOM distillation, community contributions, extensive documentation, and a bounty program.

Aircrack-ng is a comprehensive suite of tools designed to evaluate the security of WiFi networks. It covers various aspects of WiFi security, including monitoring, attacking (replay attacks, deauthentication, fake access points), testing WiFi cards and driver capabilities, and cracking WEP and WPA PSK. The tools are command line-based, allowing for extensive scripting and have been utilized by many GUIs. Aircrack-ng primarily works on Linux but also supports Windows, macOS, FreeBSD, OpenBSD, NetBSD, Solaris, and eComStation 2.

This is a development tutorial for eBPF based on CO-RE (Compile Once, Run Everywhere). It provides practical eBPF development practices from beginner to advanced, including basic concepts, code examples, and real-world applications. The tutorial focuses on eBPF examples in observability, networking, security, and more. It aims to help eBPF application developers quickly grasp eBPF development methods and techniques through examples in languages such as C, Go, and Rust. The tutorial is structured with independent eBPF tool examples in each directory, covering topics like kprobes, fentry, opensnoop, uprobe, sigsnoop, execsnoop, exitsnoop, runqlat, hardirqs, and more. The project is based on libbpf and frameworks like libbpf, Cilium, libbpf-rs, and eunomia-bpf for development.

ARTKIT is a Python framework developed by BCG X for automating prompt-based testing and evaluation of Gen AI applications. It allows users to develop automated end-to-end testing and evaluation pipelines for Gen AI systems, supporting multi-turn conversations and various testing scenarios like Q&A accuracy, brand values, equitability, safety, and security. The framework provides a simple API, asynchronous processing, caching, model agnostic support, end-to-end pipelines, multi-turn conversations, robust data flows, and visualizations. ARTKIT is designed for customization by data scientists and engineers to enhance human-in-the-loop testing and evaluation, emphasizing the importance of tailored testing for each Gen AI use case.

Chat with your data using OpenAI and AI Search. This solution accelerator uses an Azure OpenAI GPT model and an Azure AI Search index generated from your data, which is integrated into a web application to provide a natural language interface, including speech-to-text functionality, for search queries. Users can drag and drop files, point to storage, and take care of technical setup to transform documents. There is a web app that users can create in their own subscription with security and authentication.

Tools4AI is a Java-based Agentic Framework for building AI agents to integrate with enterprise Java applications. It enables the conversion of natural language prompts into actionable behaviors, streamlining user interactions with complex systems. By leveraging AI capabilities, it enhances productivity and innovation across diverse applications. The framework allows for seamless integration of AI with various systems, such as customer service applications, to interpret user requests, trigger actions, and streamline workflows. Prompt prediction anticipates user actions based on input prompts, enhancing user experience by proactively suggesting relevant actions or services based on context.

Botright is a tool designed for browser automation that focuses on stealth and captcha solving. It uses a real Chromium-based browser for enhanced stealth and offers features like browser fingerprinting and AI-powered captcha solving. The tool is suitable for developers looking to automate browser tasks while maintaining anonymity and bypassing captchas. Botright is available in async mode and can be easily integrated with existing Playwright code. It provides solutions for various captchas such as hCaptcha, reCaptcha, and GeeTest, with high success rates. Additionally, Botright offers browser stealth techniques and supports different browser functionalities for seamless automation.

The FuzzyAI Fuzzer is a powerful tool for automated LLM fuzzing, designed to help developers and security researchers identify jailbreaks and mitigate potential security vulnerabilities in their LLM APIs. It supports various fuzzing techniques, provides input generation capabilities, can be easily integrated into existing workflows, and offers an extensible architecture for customization and extension. The tool includes attacks like ArtPrompt, Taxonomy-based paraphrasing, Many-shot jailbreaking, Genetic algorithm, Hallucinations, DAN (Do Anything Now), WordGame, Crescendo, ActorAttack, Back To The Past, Please, Thought Experiment, and Default. It supports models from providers like Anthropic, OpenAI, Gemini, Azure, Bedrock, AI21, and Ollama, with the ability to add support for newer models. The tool also supports various cloud APIs and datasets for testing and experimentation.

Comprehensive resource for integrating security into the software development lifecycle.

Betterscan.io DevSecOps

Interactive on Network (IoN) Automation SCP (IoN-A-SCP)™ AI-copilot (BETA)

DevOps specialist providing guidance on CI/CD, cloud services, and security.

Expert in analyzing vulnerabilities with ransomware focus with intelligence powered by Phoenix Security

Linux/Unix expert with a focus on detailed security aspects.

プレイブック作成botです。例：GuardDutyの検出結果タイプを入力することで、自動的にプレイブックを作成します。

I automate GPT creation, saving + 99% time and securing data, preventing someone steal your idea.

Open Source Prompt: https://github.com/mleoca/Bash-Scripting-GPT

Your go-to for comprehensive Home Assistant guidance. *NOT* officially associated with Nabu Casa or Home Assistant.

Your Personal Cloud DevOps Mentor

IDAPython coding assistant: idc, idautils, decompiler, etc..

BashEmulator GPT: A Virtualized Bash Environment for Linux Command Line Interaction. It virtualized all network interfaces and local network

Cloud Engineer Expert, guiding in cloud tech, projects, career, and industry trends.

A GPT Agent that connects to your server via SSH

Ensures IT systems integrity through comprehensive auditing.

Guides from Terraform install to script deployment.

AI-powered audit ally. Enhance cybersecurity effortlessly with intelligent, automated security analysis. Safe, swift, and smart.

An automated cyber threat intelligence expert configured and trained by Bob Gourley. Pls provide feedback. Find Bob on X at @bobgourley

Intelligent home automation assistant, optimizing and managing smart homes.