Tags: SCA

Error Prone is a static analysis tool for Java that catches common programming mistakes at compile-time.

Vendor: Google
Pricing Model: Freeware
Modified: Never

SpotBugs is a program which uses static analysis to look for bugs in Java code.

Vendor: SpotBugs
Pricing Model: Freeware
Modified: Never

There is a plethora of JavaScript libraries for use on the web and in node.js apps out there. This greatly simplifies, but we need to stay updated on security fixes. "Using Components with Known Vulnerabilities" is now a part of the OWASP Top 10 and insecu ...

Vendor: Erlend Oftedal
Pricing Model: Freeware
Modified: Never

Klocwork

Klocwork supports popular CI tools to perform analysis on incremental code changes, during check in, to keep pace with rapid release delivery cycles. Klocwork puts static code analysis where you need it, identifying critical safety, reliability, and codin ...

Vendor: Rogue Wave Software, Inc.
Pricing Model: Commercial
Modified: Never

Axivion Bauhaus Suite is a range of tools for automated static code analysis. It supports your software system developers in ensuring high quality and long-term ease of maintenance of the code they create, thereby actively preventing insidious software er ...

Vendor: Axivion GmbH
Pricing Model: Commercial
Modified:

Code Dx Enterprise

Code Dx Enterprise is designed specifically to make your application security program run faster and more accurately, while reducing time spent and labor costs. It combines and correlates the results from all of your AppSec scanning tools—static and dynam ...

Vendor: Code Dx Inc.
Pricing Model: Commercial
Modified: Never

Stat

Stat! includes fifteen different static application security testing (SAST) tools, and chooses the best ones to use automatically. Just feed in your source code, and Stat! will identify your programming languages (even if you use more than one), run the s ...

Vendor: Code Dx Inc.
Pricing Model: Commercial
Modified: Never

Astrée is a static code analyzer that proves the absence of runtime errors and invalid concurrent behavior in safety-critical software written or generated in C. Astrée primarily targets embedded applications as found in aeronautics, earth transpor ...

Vendor: AbsInt
Pricing Model: Limited Free Trial
Modified: Never

ECLAIR

ECLAIR is a general platform for software verification. Applications range from coding rule validation, to automatic generation of testcases, to the proof of absence of run-time errors or generation of counterexamples, and to the specification of code mat ...

Vendor: BUGSENG srl
Pricing Model: Commercial
Modified: Never

PC-lint

PC-lint and FlexeLint are powerful static analysis tools that will check your C/C++ source code and find bugs, glitches, inconsistencies, non-portable constructs, redundant code, and much more. It looks across multiple modules, and so, enjoys a perspectiv ...

Vendor: Gimpel Software LLC
Pricing Model: Commercial
Modified: Never

Python AST-based static analyzer from OpenStack Security Group

Vendor: OpenStack Security Group
Pricing Model: Open Source
Modified: Never

Pylint is a source code, bug and quality checker for the Python programming language. It follows the style recommended by PEP 8, the Python style guide.

Vendor: Logilab
Pricing Model: Open Source
Modified: Never

CodePeer is an Ada source code analyzer that detects run-time and logic errors. It assesses potential bugs before program execution, serving as an automated peer reviewer, helping to find errors easily at any stage of the development life-cycle. CodePeer ...

Vendor: AdaCore
Pricing Model: Commercial
Modified: Never

Continuous Inspection - SonarQube provides the capability to not only show health of an application but also to highlight issues newly introduced. With a Quality Gate in place, you can fix the leak and therefore improve code quality systematically. Detec ...

Vendor: SonarSource
Pricing Model: Open Source
Modified: Never

Code Security (SAST)

Kiuwan Code Security (SAST) enforces a rigorous approach in the detection of security vulnerabilities. We strive to meet the most stringent requirements and our compliance reports meet all well known market standards (OWASP, CWE, MISRA, NIST, PCI, and CER ...

Vendor: Kiuwan
Pricing Model: Commercial
Modified: Never

Parasoft C/C++test

Deliver C and C++ software that’s robust, predictable, and secure. Manage risk and costs by building better software. Static analysis and unit testing are critical for application quality, security, and safety, and the cornerstone of any connected-applic ...

Vendor: Parasoft
Pricing Model: Commercial
Modified: Never

Parasoft dotTEST

Complement your existing Visual Studio tools with deep static analysis and advanced coverage. An automated, non-invasive solution that scans the application codebase to identify issues before they become production problems, Parasoft dotTEST integrates i ...

Vendor: Parasoft
Pricing Model: Commercial
Modified: Never

Parasoft Jtest enables you to accelerate Java software development while minimizing risks introduced into the code, by providing comprehensive analysis, guidance, and tools to get the job done. Jtest integrates with Parasoft DTP for sophisticated reportin ...

Vendor: Parasoft
Pricing Model: Commercial
Modified: Never

Polyspace® static code analysis products use formal methods to prove the absence of critical run-time errors under all possible control flows and data flows. They include checkers for coding rules, security vulnerabilities, code metrics, and hundreds of ad ...

Vendor: The MathWorks, Inc.
Pricing Model: Commercial
Modified: Never

Snappytick

Snappy Tick Source Edition (SAST) is a source code review tool. It helps to identify vulnerabilities in source code. Consider that in-line auditing approaches will identify the largest number of the most significant security issues in your application and it veri ...

Vendor: InnovTouch
Pricing Model: Commercial
Modified: Never