All categoriesLaunch brief →
Static Application Security Testing (SAST)
https://www.capterra.com/sast-software/Niches in this category - the functional product types blended into "Static Application Security Testing (SAST)" (19)
Cybersecurity Posture & Vulnerability Management10Application Security Testing & DevSecOps Platform10Agile & Software Development Collaboration Tool3AI Code Generation & Developer Assistant3Software Composition Analysis & Open Source Security Platform2Fuzzing & Software Security Testing Tool2Code Review & Static Analysis Platform2Internal Developer Platform & Self-Service Cloud Portal1Codeless / AI Test Automation Platform1Artifact Repository & Package Management Platform1Data Security & Encryption Platform1AI Governance & Compliance Platform1AI Observability & Model Monitoring1IT Operations & AIOps Platform1Sensitive Data Discovery & Classification Platform1Web Application & API Protection (WAAP) Platform1Salesforce DevOps & Release Management Platform1Kubernetes Management & Container Orchestration Platform1Security Compliance Automation Platform1
57 products2 pages scraped of 258 in category2 sponsored0 shortlisted
| # | Product | Rating | Reviews | Rec | Ease / Svc / Feat / Value | Description |
|---|---|---|---|---|---|---|
| 1 | 0 | 0 | - | – / – / – / – | JFrog Advanced Security is a software supply chain tool that analyzes vulnerabilities, scans code, and detects exposures. Learn more about JFrog Advanced Security | |
| 2 | 4.7 | 6 | - | 4.8 / 5.0 / 4.2 / 5.0 | Security-first SAST with zero distractions. Scan your code for quality and vulnerabilities & get alerts only for real security risks. Learn more about Aikido Security | |
| 3 | 4.8 | 6,169 | 92% | 4.4 / 4.3 / 4.7 / 4.6 | Find vulnerabilities in custom code using static analysis. Prevent new vulnerabilities from being introduced by scanning every PR. Learn more about GitHub | |
| 4 | 4.6 | 1,218 | 86% | 4.4 / 4.2 / 4.6 / 4.5 | GitLab unifies planning, CI/CD, security, and agentic AI, eliminating the tool handoffs that slow software delivery. Learn more today. Learn more about GitLab | |
| 5 | 4.6 | 83 | - | 4.3 / 4.2 / 4.5 / 4.3 | Dynatrace provides software intelligence to simplify cloud complexity and accelerate digital transformation. Learn more about Dynatrace | |
| 6 | 4.5 | 67 | - | 4.2 / 4.0 / 4.4 / 4.4 | SonarQube helps developers control code security by detecting Vulnerabilities and Security Hotspots early in the workflow. Learn more about SonarQube | |
| 7 | 4.4 | 35 | - | 4.5 / 4.4 / 4.6 / 4.2 | Kiuwan | Code Scanning That’s Built for Developers and Trusted by Security Teams Learn more about Kiuwan | |
| 8 | 4.4 | 35 | - | 4.4 / 4.2 / 4.2 / 4.0 | Acunetix is web app and API security software that automates testing, finds vulnerabilities, and integrates into development. Learn more about Acunetix | |
| 9 | 3.3 | 27 | - | 3.5 / 3.1 / 3.2 / 2.8 | Cloud-based solution that enables businesses to detect & prevent cyber threats with website scanning, malware removal and more. Learn more about SiteLock | |
| 10 | 4.7 | 26 | - | 4.5 / 4.5 / 4.4 / 4.2 | Invicti, formerly Netsparker, is a DAST-first AppSec platform proving real risks, cutting noise, and securing everything at scale. Learn more about Invicti | |
| 11 | 4.6 | 21 | - | 4.4 / 4.3 / 4.5 / 3.8 | Snyk's Developer Security Platform puts security expertise in the toolbox of every developer. Learn more about Snyk | |
| 12 | 4.6 | 19 | - | 4.2 / 4.2 / 4.6 / 4.2 | The universal repository manager for DevOps & AI. Securely manage, store & distribute binaries across your entire software supply chain Learn more about Artifactory | |
| 13 | 4.1 | 16 | - | 4.1 / 4.1 / 4.1 / 3.8 | Sigrid delivers a holistic SAST solution that empowers organizations to proactively manage software security risks. Learn more about Sigrid | |
| 14 | 4.8 | 14 | - | 4.5 / 4.7 / 4.5 / 4.2 | CodeScan offers static code analysis and automated scans of Salesforce policies to strengthen code quality and data security. Learn more about CodeScan | |
| 15 | 4.2 | 13 | - | 4.4 / 4.7 / 4.4 / 4.3 | BuildPiper: The Most Powerful Microservice Delivery Platform Learn more about BuildPiper | |
| 16 | 4.7 | 11 | - | 4.0 / 4.9 / 4.5 / 4.4 | CodeScene is a code analysis, visualization, and reporting tool. Reduce technical debt and deliver better code quality. Learn more about CodeScene | |
| 17 | 4.8 | 10 | - | 4.5 / 4.5 / 4.5 / 4.8 | The all-in-one code health platform that equips organizations with everything they need to build maintainable and secure software. Learn more about DeepSource | |
| 18 | 4.9 | 8 | - | 4.6 / 4.8 / 4.8 / 4.5 | Load balancing platform that helps businesses monitor application performances, detect anomalies, analyze root causes, and more. Learn more about Radware Alteon | |
| 19 | 4.6 | 8 | - | 3.9 / 4.4 / 4.5 / 4.5 | Klocwork is a static code analysis tool that identifies issues to enforce standards compliance for multiple programming languages. Learn more about Klocwork | |
| 20 | 4.7 | 7 | - | 4.3 / 4.5 / 4.1 / 5.0 | SonarQube for IDE is a free IDE plugin that helps developers by detecting and highlighting issues in their code in real time. Learn more about SonarLint | |
| 21 | 4.6 | 7 | - | 4.3 / 4.8 / 4.3 / 4.5 | Manage Open Source supply chain threats intelligently with Bytesafe's cloud-native security platform. Learn more about Bytesafe | |
| 22 | 4.3 | 7 | - | 4.6 / 3.5 / 4.4 / 4.3 | SonarQube is an automated code review solution, serving as the verification layer to review AI code for quality and security. Learn more about SonarQube Cloud | |
| 23 | 3.9 | 7 | - | 3.7 / 4.0 / 4.3 / 3.0 | Checkmarx One is an enterprise cloud-native application security platform that helps teams cut through the noise fix what matters most. Learn more about Checkmarx One | |
| 24 | 3.5 | 6 | - | 3.3 / 3.2 / 4.0 / 3.8 | A SAST solution designed to help businesses manage risks across the application portfolio and address quality defects in the SDLC. Learn more about Coverity | |
| 25 | 5 | 5 | - | 4.8 / 5.0 / 5.0 / 5.0 | AI-powered SAST with low noise, exploit-focused detection, smart prioritization, in-IDE guidance, fully integrated into CI/CD and ASPM. Learn more about Xygeni Security |