Static Application Security Testing (SAST) Software

39 software options

Flawnter

(0)

Improve your application code security and quality

Flawnter helps automate static application security testing to find hidden security and quality flaws at the source. Unlimited code scanning and free extensions.

Invicti

4.7
(18)

Security scanning & vulnerability management

Invicti, formerly Netsparker, is a web application security scanning solution that automatically identifies XSS, SQL Injection and other vulnerabilities in websites, web applications and web services, and lets enterprise-class businesses automate and scale their web security program.

GitHub

4.8
(5.8K)

Social coding & collaborative development platform

GitHub is a place to share code with friends, co-workers, classmates, and complete strangers, helping individuals and teams to write faster, better code.

GitLab

4.6
(1K)

Complete DevOps lifecycle management

GitLab is an integrated, open source DevOps lifecycle management platform for software development teams to plan, code, test, deploy and monitor product changes.

SonarQube

4.6
(52)

Continuous Code Quality and Code Security tool.

SonarQube is a tool used for continuously inspecting Code Quality and Code Security for development teams during code reviews.

Dynatrace

4.5
(49)

All-in-One Application Performance Monitoring

Dynatrace Ruxit is an all-in-one application performance monitoring

Kiuwan

4.4
(35)

Security Solutions for your DevOps Process

Kiuwan is a cloud-based application security solution which combines automatic code scanning with automated management of open source components. The platform supports a range of technologies and integrates with a variety of tools such as build systems, bug tracking and code repositories.

Acunetix

4.4
(34)

All-in-one automated web application security solution

Acunetix (by Invicti) is a cyber security solution offering automatic web security testing technology that enables organizations to scan and audit complex, authenticated, HTML5 and JavaScript-heavy websites to detect vulnerabilities such as XSS, SQL Injection, and more.

Snyk

4.7
(17)

Cloud-based security platform to track & fix vulnerabilities

Snyk is a cloud-based application security and testing platform, which helps enterprises discover and fix vulnerabilities across open source libraries, containers, or code throughout the development process. Features include runtime monitoring, reporting, exploitability indicators, alerts, and prioritization.

Artifactory

4.7
(17)

Artifact repository manager for software development teams

JFrog Artifactory is a binary repository management SaaS solution that provides software development and DevOps teams with a single source of truth for sourcing, storing, sharing, and deploying software components. Release your software with security and ease.

CodeScan

4.8
(14)

Quality and Security for the Salesforce Platform

For Salesforce DevOps teams, CodeScan helps businesses scan and analyze Salesforce code, define quality and security standards, and ensure compliance with statutory guidelines across code development projects. We have 350+ rules and support all Salesforce languages and Metadata.

CodeScene

4.7
(11)

Software Analysis Tool for Improving Code Health

CodeScene is a tool that maps hotspots in a codebase and pinpoints the exact lines of unhealthy code hindering software delivery flow.

DeepSource

4.8
(10)

The Code Health Solution.

DeepSource is the code health platform that provides all the tools needed to write maintainable and secure code, improve software stability and increase developer velocity.

Klocwork

4.6
(8)

Static code analysis tool with continuous compliance

Klocwork is a web-based static code analysis software designed to help businesses identify and manage software security and quality in compliance with regulatory guidelines. It lets DevOps teams detect various security vulnerabilities including tainted data, SQL injection, vulnerable coding practices, buffer overflow, and more.

SonarLint

4.7
(7)

Open-source IDE extension

SonarLint is a free and open-source IDE extension that allows developers to detect and fix bugs, vulnerabilities, and code smells to create Clean Code.

BuildPiper

4.2
(12)

Delivering software just got faster

BuildPiper is a product by OpsTree Labs, which is an end-to-end Kubernetes and microservices Delivery Platform. It is a hybrid cloud-enabled system that facilitates the deployment of dockerized code across multiple environments.

GuardRails

5.0
(5)

Application security software

With GuardRails, you can finally feel safe on every level of your security. The platform enhances development processes and gives developers control via its layered approach that shields them from code to the cloud for complete protection against attackers.

Bytesafe

4.6
(7)

Source code and vulnerability management platform

Bytesafe is a firewall for dependencies. Using the source code and vulnerability management platform, businesses can protect applications, stay in control and keep unwanted dependencies out of the organization.

SonarCloud

4.3
(7)

Web-based tool for catching bugs and security vulnerabilities

SonarCloud is the leading online service to catch bugs and security vulnerabilities in pull requests and throughout the code repositories.

SiteLock

3.2
(23)

Threat intelligence software for eCommerce businesses

SiteLock is a static application security testing (SAST) software designed to help businesses protect websites against malware and distributed denial-of-service (DDoS) attacks. Key features of the platform include threat detection, database scanning, bad bot blocking, automated plugin patching, security vulnerability repair, and website acceleration.

CxSAST

3.9
(7)

Software for managing application risks and vulnerabilities

Checkmarx Static Application Security Testing (CxSAST) is designed to help businesses conduct static analysis for identifying vulnerabilities in custom code and open source applications. It enables DevOps teams to scan source code in the software development lifecycle (SDLC), mitigate risks, and gain insights into the system's security framework.

Fortify

5.0
(2)

Application security, data security, and threat detection.

Fortify enables businesses of all sizes to protect their applications, data and the rest of their assets from cyber criminals. With strategic outcomes ranging from DevSecOps to secure data analytics, Fortify helps enterprises gain visibility into their applications, detect threats quickly and defend against them effectively with automated incident response capabilities.

Nexus Lifecycle

4.0
(4)

Application security and dependency management solution

Nexus Lifecycle by Sonatype is an application security and dependency management solution designed to help organizations manage open-source governance and automatically find and fix vulnerabilities across the entire software development lifecycle (SDLC). The platform enables developers to monitor security standards in the development process and access a centralized vulnerabilities database to implement best practices and detect and avoid online attacks or hack attempts.

Apiiro

4.3
(3)

AppSec management tool to secure cloud software development.

Apiiro is re-inventing the secure development lifecycle for agile and cloud-native development. It helps businesses transform application security into multidimensional application risk.

Coverity

3.5
(6)

Build secure, high-quality software faster.

Coverity is a static application security testing (SAST) solution designed to help businesses manage risks across the application portfolio, address quality defects in the software development life cycle, and maintain compliance with many coding and security standards.
