Enigmail is an extension for the mail client of Mozilla, Netscape 7.x, and Mozilla Thunderbird that allows users to access the authentication and encryption features provided by the popular GnuPG software. It can encrypt/sign mail when sending, decrypt/authenticate received mail, and import/export public keys. It supports both the inline PGP format and the PGP/MIME format, which can be used to encrypt attachments, and is cross-platform, although binaries are supplied only for a limited number of platforms. Enigmail uses inter-process communication to execute GPG to carry out encryption/authentication.
ThreadFix is a software vulnerability aggregation and management system that reduces the time it takes to fix software vulnerabilities. It imports the results from dynamic, static, and manual testing to provide a centralized view of software security defects across development teams and applications. The system allows companies to correlate testing results and streamline software remediation efforts by simplifying feeds to software issue trackers. By auto-generating application firewall rules, this tool allows organizations to continue remediation work uninterrupted. ThreadFix empowers managers with vulnerability trending reports that show progress over time, giving them justification for their efforts.
Bork is a very small, cross-platform file encryption utility using a password-based RC4 algorithm. It is designed to be included in source code form along with the files it encrypts for long-term storage (eg on CD-R). Its minimal external dependencies are designed to make it fairly futureproof.
The te-edu Password Meter class can be used to check whether a password is strong enough to not be guessed easily. It can perform several tests on a given password string to compute a score that represents the strength of a password. Password checking is based on brute force attack class A and considers 10 million password checks in one minute. It checks characters, character pairs, repeated characters, time needed to be discovered, character standard entropy, etc.
Java Security Component Framework (JSCF) is a pluggable security component system with a JDBC-like interface. It allows connections to be made to registered security components with defined operations used mainly for mail, such as encrypting, decrypting, verifying, and signing streams. An implementation that works with the popular gpg program is included.