Arnica

Pipelineless AppSec. Developer-Native Workflows.

10 followers

Visit website
Arnica delivers pipelineless security with developer-native workflows that fix the right risks at the right time. We provide 100% code coverage from day one, free visibility with SAST, SCA, IaC, SBOMs, secret scanning, and git hardening, plus paid workflows that turn visibility into impact. With AI-assisted fixes, automation, and Arnie, our agentic enforcer, Arnica helps AppSec and developers collaborate in real time and make secure coding the default.
Arnica gallery image
Arnica gallery image
Arnica gallery image
Arnica gallery image
Arnica gallery image
Free Options
Launch tags:SaaSSoftware EngineeringSecurity
Launch Team
Intercom
Intercom
Startups get 90% off Intercom + 1 year of Fin AI Agent free
Promoted

What do you think? …

Nir V
Maker
Hi Product Hunt, My name is Nir! I am one of the three co-founders of arnica.io. I’ve worn many hats in cyber security over the years – sys admin, pen-tester, security architect, and Chief Information Security Officer (CISO). What really gets me excited about my work is making security easy and effective for developers and ops teams! In my last role, at one of the largest FinTech companies in the world, our CEO needed me to secure our software supply chain. I met with 15+ vendors, did a few POCs, and each solution either increased operational cost or was too narrow in scope. I also found that many fellow CISOs faced the same problem. This is when I joined forces with my incredible co-founders – @diko_dahan (Diko) and @eranation (Eran). They were seeing the same pain in their worlds (engineering and ops) too! As a starting point for Arnica, we researched every software supply chain attack since 2018, and based on our research, we found two primary root causes: 1. 🪄 improper access management to developer tools 2.🥸 inability to identify abnormal identity and code behavior We studied the anatomy of each supply chain attack and designed a product to effectively secure developer tool stacks with a DevOps-first approach: 1. Identify excessive permissions to source code starting with GitHub and Azure DevOps repos 🆓 2. Mitigate excessive permissions with an ability to regain access via self-service on Slack for your developers 3. Automatically generate & modify a CODEOWNERS file via pull request, based on the contextual behavior of the pull request reviewers 4. Secret detection and validation without modifications of the build pipelines for all repositories, public and private without any user-count limitations. 🆓 5. Map GitHub users to your SAML/SSO provider. Also 🆓 forever. Why are we giving away so much functionality for free? I believe Arnica can do well by doing good in the DevSecOps community. Our mission is to be the easy button for DevOps security. Anything that is considered “single pane of glass” is our free contribution. If we do that first and foremost, we are sure we will build a successful business. Sign up today for a 30-day Arnica trial today (extended to celebrate our launch)! ~Nir
Rob McDonald
@diko_dahan @eranation @nir_v @simon_wenet Phenomenal! Very excited about what you are doing and this important milestone. Gas pedal down!!!!
Simon Wenet
Maker
@rob_mcdonald3 thank you for the support!!
Fares
Simon Wenet
Amazing work by the @Arnica team! Congrats on the launch!
Nir V
Maker
Congrats team!
Mike Doyle
Just Wow.
Nir V
Maker
Thanks Mike
Aelita Сhervonnaya
i'll check it for sure! congrats on the launch!
Nir V
Maker
Thanks Aelita
Nenad Nikoloski
Maker
Congrats on the launch team!
Nir V
Maker
Congrats to Arnica’s team!
Jason Phelps
Congrats on the launch, team!
Nir V
Maker
@pxgzf498gt Thank you!
Tom Messner
Awesome - congrats on the launch team!
Nir V
Maker
@t_mess Thanks Tom
12
Next
Last