🚧 DevGuard & this page is under active development. Visit the DevGuard Repo →

Develop Secure Software.

DevGuard seamlessly integrates security into your software development lifecycle, making security practices accessible and efficient for all, regardless of expertise.

OWASP LogoIkor part of X1 LogoBonn-Rhein-Sieg University of Applied Sciences LogoUniversity of Giessen LogoWheregroup Logo

Security & Compliance

Get Software Security and Compliance Done. With ease.

DevSecOps

Get AppSec done with ease

No need for hours of configuration or research. DevGuard provides you with a full OWASP DevSecOps pipeline, advanced supply chain security, and more.

Attestation based Compliance Controls

Automated Tracking, Documentation & Reporting

As a developer you love to code - probably not hasseling with compliance. DevGuard provides a pre-release checklist, prioritized todos, and a full audit trail.

Automated setup

Get started in seconds

DevGuard is easy to set up. Use the auto setup for your GitLab Instance or GitHub or just add a few lines to your CI pipeline and you're good to go.

Made in Germany & EU

Open Source Licensed

The core team behind DevGuard is based in Bonn, Germany. We are committed to open source. Especially when it comes to security.

Integrations

Use with your favorite tools

Keep using your favorite tools. DevGuard integrates with all major continous integration pipelines & software development tools.

Software Development Lifecycle Posture Assessment.

SBOM & VEX

Advanced Security Features

CI Components & SARIF API

Built for developers

DevGuard is designed to be developer-friendly, with a focus on ease of use and integration.

Dependency Graph, SBOM & VEX

Unique Lens on your Software

With DevGuard you can gain insights into your software that you never had before and share them. Provide your customers with a link to your SBOM and VEX - always up to date.

Helping FOSS Projects & Enterprises

We're on a mission to transform the way software is developed and secured.

Our mission

DevGuard aims to make application security easier and more accessible for developers. By integrating essential security tools such as SCA, secret scanning, and container scanning into a single CLI, DevGuard is designed to reduce the burden on developers while seamlessly fitting into dev workflows. Our goal is to help developers build secure software without the need for specialized security knowledge.

Our team, L3montree, is a small but highly dedicated startup focused on software security, cloud-native security, and open-source software consulting and implementation. Founded by a group of friends during our computer science studies, we are passionate about building a secure and equitable digital future for everyone. Our strong commitment to open-source values and security drives us to collaborate with the community, public institutions and private organizations alike.

DevGuard is free for other open source projects. Get in touch with us to learn more. We are happy to help. To appreciate the work of FOSS maintainers, we decided to return a part of our revenue of DevGuard to the open source projects we use and rely on.

The Numbers

Aggregated data sources
+10
Records of known vulnerabilities
+250K
Factor of possible cost savings when fixing vulnerabilities early in dev compared to fixing in production
x10
Enterprises currently in alpha programme
1

Ready to dive in?
Become an alpha tester today.

We are currently accepting applications for our alpha testing program. Be the first to experience DevGuard, shape it with your feedback, and help us make it better.