Working together to build world-class application security programs

Orasi is a DevSecOps innovator enabling the acceleration, security and adoption of software applications through automation. Working with world-class partners, Orasi provides solutions and services that offer full lifecycle support and integration to ensure confident delivery of transformative applications. Headquartered in Kennesaw, GA, Orasi works with hundreds of global brands, including Fortune 500 companies, in a variety of industries. Orasi is built around one goal: helping our customers deliver high quality, highly secure software applications that are designed for rapid adoption.


Learn more at

Cobalt Pentests are on-demand hacker-powered penetration tests performed by a certified researcher supported by handpicked Core researchers. Customers pay a fixed price based on application size and testing frequency.


If you are looking for a focused application security assessment and penetration testing setup, where you get an actionable report for your team and customers, this is the solution for you.

Learn more at

Fortify on Demand is Application Security as a Service, with integrated static, dynamic and mobile AppSec testing with continuous monitoring for web apps in production. 

Fortify combines industry-leading software with a team of experts that deliver optimization, results review, and false positive removal as part of global 24/7 support. 

Learn more at

Sonatype is the leading provider of DevOps-native tools to automate modern software supply chains.  As the creators of Apache Maven, the Central Repository, and Nexus Repository, Sonatype pioneered componentized software development and has a rich history of supporting open source innovation.  Today, more than 120,000 organizations depend on Sonatype’s Nexus platform to govern the volume, variety, and quality of open source components flowing into modern software applications.

Learn more at

Imperva's AppSec programs allow enterprises to uncover and act upon key critical security incidents by utilizing artificial intelligence and machine learning, securing against OWASP Top 10 threats across both the cloud and on-premises WAF deployments, mitigating potentially devastating DDoS attack before they even reach your application, accelerating web content delivery ensuring users consistently have optimal user experience, supporting faster application release cycles while ensuring application protection during runtime, and ensuring high availability of your application despite web workload failures.

Learn more at

The Prevoty product — Runtime Application Self-Protection (RASP, formerly Autonomous Application Protection) protects application services end-to-end; from the network edge, to within the applications themselves, and ultimately back to the various databases where data are stored.

Learn more at:

Partnering with organizations to build world-class AppSec programs from Policy to Production.


Call: 678-426-5160

Metro-Atlanta office:

114 Townpark Drive

Kennesaw, GA 30144

New office in Murfreesboro, TN coming in Q3 2020

© Copyright Saltworks Security 2020