Skip to main content

Michele M Jordan

Pylint is a source code, bug and quality checker for the Python programming language. It follows the style recommended by PEP 8, the Python style guide.

OpenStack Security Group

Bandit is a tool designed to find common security issues in Python code. By processing files, building an AST and running appropriate plugins against the AST nodes, Bandit is able to generate a report once it has finished scanning code.

Gimpel Software LLC

PC-Lint Plus is a comprehensive static analysis solution for C and C++.  Comply with Safety Standards Enforce compliance with industry coding standards including MISRA, AUTOSTAR, and CERT C, customise detection of individual guidelines and easily s ...

PC-lint Plus

ECLAIR is a general platform for software verification. Applications range from coding rule validation, to automatic generation of testcases, to the proof of absence of run-time errors or generation of counterexamples, and to the specification of code mat ...


Astrée is a static code analyzer that proves the absence of run­time errors and invalid con­current behavior in safety-critical software written or gen­er­ated in C. Astrée primarily targets embedded applications as found in aero­nautics, earth trans­por ...

Code Dx Inc.

Code Dx helps enterprises rapidly release more secure software, mitgates the risk of a breach, while helping you be faster and more agile.  Orchestrate tools Centralize and harmonize application security testing across all development pipelines in ...

Code Dx Enterprise
Axivion GmbH

The Axivion Suite gives you the full range of Axivion analysis tools in one box. The Axivion Suite includes static code analysis, architecture analysis and effective tools for the detection of code smells. The Axivion Suite runs on Windows, Linux and Mac ...

Axivion Suite

Klocwork static code analysis and SAST tool for C, C++, C#, and Java identifies software security, quality, and reliability issues helping to enforce compliance with standards. Built for enterprise DevOps and DevSecOps, Klocwork scales to projects of any ...

Erlend Oftedal

There is a plethora of JavaScript libraries for use on the web and in node.js apps out there. This greatly simplifies, but we need to stay update on security fixes. "Using Components with Known Vulnerabilities" is now a part of the OWASP Top 10 and insecu ...


SpotBugs is a program which uses static analysis to look for bugs in Java code. SpotBugs is capable of checking for more than 400 bug patterns and can be used standalone or through many integrations including: Ant, Maven, Gradel, Eclipse. 


Error Prone is a static analysis tool for Java that catches common programming mistakes at compile-time.

Facebook Open Source

Infer is a static analysis tool - if you give Infer some Java or C/C++/Objective-C code it produces a list of potential bugs. Anyone can use Infer to intercept critical bugs before they have shipped to users, and help prevent crashes or poor performance.


Snyk provides security products across the cloud native application stack, securing all the components of the modern cloud native application in a single platform.   Open Source Security Automatically find, prioritise and fix vulnerabilities in yo ...

Cloudbric Company

Cloudbric WAF+ is a fully managed web security solution for any company or organization with a website, providing protection against the full spectrum of web threats. WAFCloudbric WAF provides a fully managed web security for enterprises and SMBs with ...

Category WAF - Cloud

Omega Core Audit provides a software security solution to help customers approach the complex and difficult security challenges in Oracle Database Systems - protecting against outsider and/or insider threats, unauthorized access and enforcing duty separat ...

Omega Core Audit
Stratus Engineering

The EZ-Tap Pro is an industry leading protocol analyzer.

Zyxel Communications Corp

Get protection from malware and unauthorized application for your business. Keep your business running smoothly without downtime by protecting your network from outside threats. Deliver collaborative approach to complex security threats with unified manag ...

ZyXEL Next-Gen Firewall
Zyxel Communications Corp

Zyxel's ZyWALL Security solutions provide real-time protection that ensure service continuity, optimal CP performance and improved network control. Three product lines to address every size from SMB to Enterprise.

Zyxel Next-Gen Unified Security Gateway
Zyxel Communications Corp

Reinforce security for hybrid network with SecuExtender as the Zero Trust agent, integrated always-on IPSec VPN, traffic shaping, IKEv2/EAP, supporting devices insight and more granular control over remote workplaces.

Category VPN Clients
SecuExtender Zero Trust VPN Client
Jordan Wright

Gophish is an open-source phishing toolkit meant to help pentesters and businesses conduct real-world phishing simulations. It is a phishing framework in the Go programming language, released as compiled binaries with no dependencies.