App comparison

Add up to 4 apps below to see how they compare. You can also use the "Compare" buttons while browsing.

Static Application Security Testing (SAST) Software with Alerts/Notifications

GetApp offers objective, independent research and verified user reviews. We may earn a referral fee when you visit a vendor through our links. Learn more

17 software options

Sponsored

1 filter applied


Integrated with


Pricing model


Devices supported



User rating


Personalize your search

Any industry

Any business size

Invicti logo
4.7
(18)

Security scanning & vulnerability management

visit website
Invicti, formerly Netsparker, web application security scanning solution automatically identifies XSS, SQL Injection and other vulnerabilities in websites, web applications and web services and lets enterprise-class businesses automate and scale their web security program.

Read more about Invicti

Users also considered
GitLab logo
4.6
(1K)

Complete DevOps lifecycle management

learn more
GitLab is an integrated, open source DevOps lifecycle management platform for software development teams to plan, code, test, deploy & monitor product changes

Read more about GitLab

Users also considered
Dynatrace logo
4.5
(51)

All-in-One Application Performance Monitoring

learn more
Dynatrace Ruixt is an all-in-one application performance monitoring

Read more about Dynatrace

Users also considered
Acunetix logo
4.4
(34)

All-in-one automated web application security solution

learn more
Acunetix (by Invicti) is a cyber security solution offering automatic web security testing technology that enables organizations to scan and audit complex, authenticated, HTML5 and JavaScript-heavy websites to detect vulnerabilities such as XSS, SQL Injection, and more.

Read more about Acunetix

Users also considered
Artifactory logo
4.7
(18)

Artifact repository manager for software development teams

learn more
JFrog Artifactory is a binary repository management SaaS solution that provides software development and DevOps teams with a single source of truth for sourcing, storing, sharing, and deploying software components. Release your software with security and ease.

Read more about Artifactory

Users also considered
CodeScene logo
4.7
(11)

Next Generation Code Analysis

learn more
CodeScene is a code analysis, visualization, and reporting tool. Cross reference contextual factors such as code quality, team dynamics, and delivery output to get actionable insights to effectively reduce technical debt and deliver better code quality.

Read more about CodeScene

Users also considered
Klocwork logo
4.6
(8)

Static code analysis tool with continuous compliance

learn more
Klocwork is a web-based static code analysis software designed to help businesses identify and manage software security and quality in compliance with regulatory guidelines. It lets DevOps teams detect various security vulnerabilities including tainted data, SQL injection, vulnerable coding practices, buffer overflow, and more.

Read more about Klocwork

Users also considered
BuildPiper logo
4.2
(13)

Delivering software just got faster

learn more
BuildPiper is a product by OpsTree Labs, which is an end-to-end Kubernetes and microservices Delivery Platform. It is a hybrid cloud-enabled system that facilitates the deployment of dockerized code across multiple environments.

Read more about BuildPiper

Users also considered
GuardRails logo
5.0
(5)

Application security software

learn more
With GuardRails, you can finally feel safe on every level of your security. The platform enhances development processes and gives developers control via its layered approach that shields them from code to the cloud for complete protection against attackers.

Read more about GuardRails

Users also considered
Bytesafe logo
4.6
(7)

Source code and vulnerability management platform

learn more
Bytesafe is a firewall for dependencies. Using the source code and vulnerability management platform, businesses can protect applications, stay in control and keep unwanted dependencies out of the organization.

Read more about Bytesafe

Users also considered
SonarCloud logo
4.3
(7)

SonarCloud is a cloud-based alternative of the SonarQube .

learn more
SonarCloud is a cloud based (SaaS) static code analysis solution that can be used by dev teams to ensure code quality and security.

Read more about SonarCloud

Users also considered
Aikido Security logo
4.6
(5)

System for identifying and managing code vulnerabilities

learn more
Aikido Security secures your source code by combining different scanning capabilities. SAST, DAST, IAC, SCA, SCPM, Container Scanning, Dependencies Scanning & Secrets detection, all in one tool.

Read more about Aikido Security

Users also considered
CxSAST logo
3.9
(7)

Software for managing application risks and vulnerabilities

learn more
Checkmarx Static Application Security Testing (CxSAST) is designed to help businesses conduct static analysis for identifying vulnerabilities in custom codes and open source applications. It enables DevOps teams to scan source codes in the software development lifecycle (SDLC), mitigate risks, and gain insights into the system's security framework.

Read more about CxSAST

Users also considered
Jit logo
5.0
(1)

The easiest way to secure your code and cloud

learn more
Jit is the easiest way to secure your code and cloud, providing full application and cloud security coverage in minutes.

Our platform empowers developers to own the security of their code without ever leaving their workflow, prioritizing and fixing the alerts that matter.

Read more about Jit

Users also considered
Veracode logo
4.0
(1)

Software for scanning & managing application vulnerabilities

learn more
Veracode is a static application security testing (SAST) software designed to help businesses review applications' source code to identify vulnerabilities. The platform allows software developers to conduct application analysis and receive automated security feedback in the IDE and CI/CD pipeline.

Read more about Veracode

Users also considered
ShiftLeft CORE logo
(0)

A code security platform for developers.

learn more
ShiftLeft CORE is an application security platform that improves collaboration between Dev and AppSec teams and provides early scans of code at scale.

Read more about ShiftLeft CORE

Users also considered
Bearer logo
(0)

Fix data security risks before you release

learn more
Bearer enables security and engineering teams to implement data security policies and mitigate risks throughout the development lifecycle.

Read more about Bearer

Users also considered