Appcanary is joining GitHub
Find out more here
Don't find out about security vulnerabilities through Twitter or Hacker News.
Show your compliance auditors how effective you are at keeping your systems safe.
We’re currently tracking more than
over hundreds of thousands of packages:
Ruby gems like Rails, ActiveRecord, or multi_json
Linux packages like nginx, apache, or MongoDB
on Ubuntu, Debian, CentOS, and Amazon Linux
Our agent stays with your servers and checks up on them regularly.
It's very polite and discreet.
Check with us whenever you run tests, or submit pull requests.
Let us know whenever you deploy and we'll notify you later.
Works great with Docker and Heroku!
How it works
We keep track of which versions of what packages are vulnerable to which security vulnerabilities, so you don't have to.
We provide an open-source agent and an API. We monitor the packages you have installed on your Linux system by hooking into the package manager (i.e. apt or yum). We also monitor the libraries used by your Ruby or PHP applications by monitoring their package lock files.
You can upload files directly to our API endpoint, or through a web
- Ubuntu - via apt
- Debian - via apt
- CentOS - via yum
- Amazon Linux - via yum
- Ruby - via Gemfile.lock
- PHP - via composer.lock
- More coming soon!
In 2012, Phill and Max started a security and web development consultancy together. In 2013, they cofounded Rubysec, an open-source project that catalogues all Ruby-related software vulnerabilities.
In 2015, they shuttered the consultancy to begin working on Appcanary. That summer they participated in Y Combinator.