Best Static Application Security Testing (SAST) Software

9.0
Jtest

Jtest helps development teams produce better code, test it more efficiently, and consistently monitor progress toward quality goals.

The perfect data flow analysis for static analysis and code coverage. Easy to set up. - User in Telecommunications

Ease of use
8.8
Support
9.1
Ease of Setup
8.9
8.2
AttackFlow

AttackFlow is a solution that helps find security and quality weaknesses in software by analyzing the code.

Good tool - Sofía S.

Ease of use
7.8
Support
8.2
Ease of Setup
7.0
8.8
Appknox

Appknox is a mobile security company that specializes in helping businesses and developers make their mobile applications more secure.

Good Customer Support - Praveen K.

Ease of use
9.2
Support
8.5
Ease of Setup
0.0

Languages supported: English, Japanese

8.4
Coverity

Coverity static analysis by Synopsys helps development and security teams find and fix defects and security flaws in code as it's being written. Coverity is highly accurate, supports thousands of developers, and quickly analyzes large projects exceeding 100 million lines of code, helping your teams build secure, high-quality software faster.

Coverity - nice functionality, cluttered UI - Daniel N.

Ease of use
8.5
Support
8.1
Ease of Setup
0.0
8.8
GitLab

An open source web interface and source control platform based on Git.

GitLab: More than version controlling - Jimesh S.

Ease of use
8.6
Support
8.9
Ease of Setup
9.1

Languages supported: English

10.0
PT Application Inspector

PT Application Inspector is designed to protect web applications of every scale: from landing pages and corporate portals to commerce, cloud services, and e-government systems.

Nice source code analyzer - User in Banking

Ease of use
Support
Ease of Setup
9.2
CodeScan

CodeScan is a plugin for SonarQube that runs over 160 different quality checks on Apex and Visualforce code.

Helps to facilitate SAST scan and secure code reviews - Ogaga U.

Ease of use
8.5
Support
9.3
Ease of Setup
8.2

Languages supported: English

8.8
SonarQube

SonarQube products have innovative features to maximize quality and manage risk for both small and large software portfolios.

SonarQube - The go to static code analysis tool - Prathamesh S.

Ease of use
8.5
Support
8.9
Ease of Setup
8.6

Languages supported: German, English, French

Platforms: Mac, Win, Linux

Price: $$$$$

Business Size: 1

8.2
Checkmarx

Identify software security vulnerabilities & fix them

An efficient application to check vulnerability in the software - Himanshu G.

Ease of use
8.0
Support
8.0
Ease of Setup
0.0
9.0
Snyk

Snyk is a security solution designed to find and fix vulnerabilities in Node.js and Ruby apps.

Simplest way to improve application security is using Snyk - Jean-Alexandre B.

Ease of use
8.6
Support
9.2
Ease of Setup
8.6
7.4
HCL AppScan

HCL AppScan helps minimize web application attacks and expensive data breaches by automating testing of application security vulnerabilities. It allows you to test applications before deploying them and assess risk in production environments on an ongoing basis.

Best Tools for application testing - Pratap K.

Ease of use
8.4
Support
6.6
Ease of Setup
8.5
8.8
Kiuwan Code Security & Insights

Provides an end-to-end Application Security platform to bring you objective data so you can make informed decisions regarding the security, risk, cost, activity, quality, maintainability, efficiency and dependencies of your applications.

Faster to integration with Jenkins - Rosnel A.

Ease of use
8.1
Support
8.9
Ease of Setup
0.0

Languages supported: English

8.0
CodeSonar

CodeSonar, GrammaTech's flagship static analysis SAST tool, identifies bugs that can result in system crashes, unexpected behavior, and security breaches.

Decent Tool - Rohit M.

Ease of use
Support
Ease of Setup
7.0
bugScout

bugScout is a SAST platform for detecting vulnerabilities in application and website source code.

Scouting Vulnerabilities - Consultant in Computer & Network Security

Ease of use
Support
Ease of Setup

Languages supported: English, Portuguese, Spanish

9.2
GitHub

GitHub is the best place to share code with friends, co-workers, classmates, and complete strangers. Over two million people use GitHub to build amazing things together.

A great place to manage your projects. - Carlos F.

Ease of use
8.7
Support
9.4
Ease of Setup
7.8

Platforms: Mac, Win, Linux

Price: $$$$$

Business Size: 0

9.0
Micro Focus Fortify Static Code Analyzer

Fortify Static Code Analyzer is designed to identify security vulnerabilities in the user's source code early in the software development lifecycle and provides best practices so developers can code more securely.

Must have to secure your Modern Cloud Applications - Jobin T.

Ease of use
9.2
Support
9.0
Ease of Setup
8.6
9.0
VisualCodeGrepper

VCG is an automated code security review tool for C++, C#, VB, PHP, Java and PL/SQL which is intended to drastically speed up the code review process by identifying bad/insecure code. It has a few features that should make it useful. In addition to performing some more complex checks it also has a config file for each language that basically allows you to add any bad functions (or other text) that you want to search for. It attempts to find ...

Code security review tool for developer - User in Computer Software

Ease of use
Support
Ease of Setup
9.0
ESOF

Prioritize remediation based on AI algorithm calculated cyber score, and get continuous reports on your security posture and security team performance.

Vulnerability Management Suite (VulMan) - Administrator in Investment Banking

Ease of use
Support
Ease of Setup
8.0
CodePeer

CodePeer is an Ada source code analyzer that detects run-time and logic errors. It assesses potential bugs before program execution, serving as an automated peer reviewer, helping to find errors easily at any stage of the development life-cycle. CodePeer helps you improve the quality of your code and makes it easier for you to perform safety and/or security analysis.

Security guarantees of the software we develop - Nina J.

Ease of use
Support
Ease of Setup
10.0
Xanitizer

Xanitizer specializes in security analysis of web applications and also considers the behavior of the applied web frameworks. By means of static code analysis the tool systematically scans the program code of an entire system for security vulnerabilities. Xanitizer investigates not only the source code, but also configuration files and templates for rendering the HTML output.

Professional Tool for Professional Results - Bernhard H.

Ease of use
Support
Ease of Setup

Languages supported: English

10.0
Sentinel

Cloud-based web application security platform

WhiteHat's Sentinel - Administrator in Banking

Ease of use
Support
Ease of Setup

Languages supported: Arabic, German, English, French

0.0
PVS-Studio

PVS-Studio is a powerful static source code analysis solution for bug detection in C, C++, and C# projects on Windows and Linux. It is intended for use in detecting and fixing security and quality issues in code, before they turn into vulnerabilities, crashes, or painful debugging.

Ease of use
Support
Ease of Setup

Languages supported: English, Russian

0.0
reshift

reshift is a continuous application security testing platform that helps software development teams integrate security earlier in the software development life cycle. We make security easier to integrate than other solutions because of two things: 1. Integrations: We don't want to add more work for the developers and that's why we created an end to end solution that seamlessly works with the modern day development workflow. Simply log into ...

Ease of use
Support
Ease of Setup
0.0
YAG-Suite

YAGAAN is a pioneer in the field of SAST. The YAG-Suite successfully integrates machine learning with static analysis to generate very low false positive rates and offer unprecedented code mining investigation capabilities to Java and PHP auditors, pentesters and developers. YAGAAN brings your application security assessments and code reviews one step forward in terms of relevance and efficiency.

Ease of use
Support
Ease of Setup

Languages supported: English, French
