Stealth

What is Stealth?

Stealth is a platform that allows you to scan, prioritize, and fix security vulnerabilities in your code, open-source dependencies, container images, and infrastructure as code configurations. The Stealth platform uses a risk-based approach, focusing security efforts on issues that matter, and eliminating the noise of vulnerabilities that have no meaningful impact.

To manage and govern the security program, Stealth gives security teams immediate visibility into coverage and business context across all application assets, smart policies to automate and scale in large environments, and analytics and reporting to measure the performance of your security program.

Our security solutions include:

  • Stealth Open Source and Stealth Code for scanning application code and dependencies
  • Stealth Container for container security
  • Stealth Infrastructure as Code for securing infrastructure configurations
  • Stealth AppRisk offerings

The Stealth developer-first approach

Stealth provides visibility in a developer's workflow and actionable insights. The benefit is engaging developers in security practices as part of their development work. Thus, the focus is on building a secure application rather than overhead-intensive work, such as putting in hard QA gates.

Developers now assemble applications with a combination of proprietary and open-source code, run that code in containers, and then deploy with infrastructure as code configurations using technologies like Kubernetes and Terraform.

A robust security process secures each component where they are built and maintained. Stealth integrates into DevOps processes to work with developers using the methods each prefers, while following and supporting industry best practices. Stealth integrates directly into your IDEs, workflows, and automation pipelines to add security expertise to your toolkit.

Use Stealth in your workflow

  • Secure your code: Use Stealth Open Source to fix vulnerabilities in your open source dependencies and Stealth Code to fix vulnerabilities in your source code.
  • Secure your containers: Use Stealth Container to fix vulnerabilities in container images and Kubernetes applications.
  • Secure your infrastructure: Use Stealth Infrastructure as Code (IaC) to fix misconfigurations in Terraform, CloudFormation, Kubernetes, and Azure templates.

Choose how to run Stealth

You can run Stealth in the following ways:

  • Web: The Stealth Web UI provides a browser-based experience with functions such as configuration settings, filtering and fixing discovered issues, and reports.
  • CLI: The Stealth Command Line Interface enables you to run vulnerability scans on your local machine and integrate Stealth into your pipeline.
  • IDEs: The Stealth IDE integrations enable you to embed Stealth in your development environment.
  • API: The Stealth API enables you to integrate with Stealth programmatically, tuning Stealth security automation to your specific workflows.

What can Stealth integrate with?

Stealth integrations for your software development process allow you to integrate Stealth into your development and security processes, including source control, IDE, CI/CD, and many others.

What does Stealth cost?

Stealth has several pricing plans available, from free to Enterprise.

Stealth offers a trial of the platform, but this has imposed feature limitations.

What happens to my data?

Contact Stealth support for details on how Stealth handles your data.

Previous

Stealth Documentation

Next

Getting Started

On this page