Find top products in Static Application Security Testing (SAST) Software category

GitHub Advanced Security is an application security testing solution that is natively embedded in the developer workflow. It empowers DevSecOps teams to prioritize innovation and enhance developer productivity without sacrificing security. Automated security checks are run with every pull request, surfacing issues in the context of the development workflow so vulnerabilities are fixed in minutes, not months. Our developer-first solution unlocks your ability to keep your code, supply chain, and secrets secure before you push to production. GitHub Advanced Security gives security teams visibility into the cross-organizational security posture and supply chain, and unparalleled access to curated security intelligence from millions of developers and security researchers around the world. Available for GitHub Enterprise users.

Automated DevSecOps for CI/CD Pipelines - Maintain high velocity while delivering highly secure application services. Harness STO orchestrates your preferred application security scanners, ingests and analyzes the results, and provides a prioritized list of vulnerabilities to the developers. STO also makes it possible to govern pipelines using application security guardrails with policy-as-code. - Centralize all app scanner results in a single solution for Security and Engineering - Reduce the developer workload associated with DevSecOps - Shift-left application security into CI/CD pipelines - Govern the usage of security scanners in pipelines - Easily track security exceptions - Application security reports for Security and Engineering teams

Mend AI gives you complete visibility into the AI components used in your applications—detecting frameworks, models, and libraries embedded in your code. It also analyzes behavioral risks through AI red-teaming and evaluates the security and compliance risks of every AI component.

GitGuardian is an end-to-end NHI security platform that empowers software-driven organizations to enhance their Non-Human Identity (NHI) security and comply with industry standards. With attackers increasingly targeting NHIs, such as service accounts and applications, GitGuardian integrates Secrets Security and NHI Governance. This dual approach enables the detection of compromised secrets across your dev environments while also managing non human identities and their secrets lifecycle. The platform supports over 450+ types of secrets, offers public monitoring for leaked data, and deploys honeytokens for added defense. Trusted by over 600,000 developers, GitGuardian is the choice of leading organizations like Snowflake, ING, BASF and Bouygues Telecom for robust secrets protection.

Veracode Static Analysis (SAST) helps developers quickly and accurately find and fix security flaws in proprietary code with detailed remediation guidance during each stage of software development.

Fortify Static Code Analyzer provides static application security testing (SAST) to analyze application binary and source code for security vulnerabilities. SCA identifies root causes of security vulnerabilities, correlates and prioritizes results. SCA provides line of code detail and guidance on how to remediate the identified vulnerabilities, consequences if it's not addressed, and provides information on best practices to help developers code more securely. With flexible deployment and enterprise scaling you can accurately meet the changing demands of your CI/CD pipeline. Available on premises, in the cloud, or AppSec-as-a-Service.

Zimperium’s Mobile Application Protection Suite (MAPS) takes a different approach from traditional point solutions. It is the only unified platform that combines automated security testing, comprehensive inapp protection, and centralized threat visibility. It helps enterprises build secure, compliant, resilient mobile apps by making it easy to integrate frictionless security across the entire app lifecycle.

The Unified Cloud Security Suite Identify. Source Code Analysis. Website security. Application Security. Network Security. Mobile Security.

Codacy Guardrails is a brand new way of enforcing code security and quality standards for AI-generated code, built into the free Codacy IDE Extension for VSCode, Cursor, and Windsurf. Guardrails help developers ship safer, cleaner AI code by applying best practices and blocking insecure patterns while the code is being generated. Besides real-time AI code scanning, Guardrails users can now prompt all their Codacy findings, without ever leaving the AI chat panel inside their IDE.

The ZeroNorth application security automation and orchestration platform unites enterprises to rapidly identify, prioritize and remove the vulnerabilities standing in the way of software excellence.