Top picks: Kodem C.O.R.E., SonarSource SonarQube, DerScanner Full Cycle Application Security Testing — plus 45 more compared.
Application SecurityDependencies is a free Static Application Security Testing tool. Security professionals most commonly compare it with . All 48 alternatives are matched by shared capabilities, tags, and NIST CSF 2.0 coverage.
A closer look at the 8 most relevant alternatives and competitors to Dependencies, including their key features and shared capabilities.
Unified engine correlating static & runtime analysis for app security
Code quality and security platform with SAST, SCA, and AI-powered remediation
Full-cycle app security platform with SAST, DAST, MAST, SCA & binary analysis
AI-powered code analysis platform for security, quality, and developer insights
IDE plugin for SAST and SCA scanning with real-time vulnerability detection
AI-powered reverse engineering tool for analyzing compiled binaries
SAST tool using virtual compilers to analyze source code for vulnerabilities
SAST tool that scans source code and binaries for security vulnerabilities
Unified engine correlating static & runtime analysis for app security
Code quality and security platform with SAST, SCA, and AI-powered remediation
Full-cycle app security platform with SAST, DAST, MAST, SCA & binary analysis
AI-powered code analysis platform for security, quality, and developer insights
IDE plugin for SAST and SCA scanning with real-time vulnerability detection
AI-powered reverse engineering tool for analyzing compiled binaries
SAST tool using virtual compilers to analyze source code for vulnerabilities
SAST tool that scans source code and binaries for security vulnerabilities
AI-powered code analysis platform for technical due diligence and audits
Binary code analysis service for security testing compiled applications
Continuous secret scanning and leak detection tool with precommit checks
Developer-first SAST tool for finding security & privacy vulns in code.
Exploit mitigation tool for C/C++ firmware on embedded systems.
Python3 code protection against reverse engineering via opcode obfuscation.
Static binary analysis tool detecting behavioral changes in SW supply chain.
Code security and quality platform with SAST, SCA, DAST, and AI code protection
Open-source CLI tool for privacy code scanning and data flow analysis.
KICS is an open-source Infrastructure as Code security scanner that detects vulnerabilities and misconfigurations through customizable queries and integrates with CI/CD pipelines.
A static analysis tool that detects Common Weakness Enumerations (CWEs) in ELF binaries across multiple CPU architectures using Ghidra-based disassembly and various analysis techniques.
Betterscan is an orchestration toolchain that coordinates multiple security tools to scan source code and infrastructure as code for security vulnerabilities, compliance risks, secrets, and misconfigurations.
A bash script that analyzes executable files to check security properties like PIE, RELRO, canaries, ASLR, and Fortify Source protections.
ASH is an automated security scanning tool that integrates multiple open-source security scanners to perform preliminary security checks on code, infrastructure, and IAM configurations during development.
DumpsterDiver analyzes large datasets to detect hardcoded secrets, keys, and passwords using entropy calculations and customizable search rules.
A static analysis tool for Android apps that detects malware and other malicious code
A tool that combines multiple open source Git scanning utilities to detect and list secrets stored in Git repositories for security audits and compliance checks.
A suite of secret scanners built in Rust for performance.
SAST tool that detects logical flaws and business logic vulnerabilities
AI-native SAST tool providing contextual code security analysis in pull requests
AI-powered SAST tool that finds and auto-fixes code vulnerabilities in real-time
Automated vulnerability remediation tool that fixes code security issues
AI-powered automated code security remediation bot for vulnerability fixes
AI-driven code analysis tool for API discovery and vulnerability detection
Static code analyzer & SAST tool for C, C++, Java, JavaScript, Python, Kotlin
Cloud-based SAST platform for code quality and security analysis
Scans IaC files for misconfigurations before deployment to production.
SAST solution that scans 30+ languages to find and fix code vulnerabilities
SAST engine that scans code commits for security vulnerabilities
DevSecOps platform for vulnerability detection and developer security training
An application security platform that combines multiple security scanners including SAST, SCA, container security, and compliance reporting with CI/CD integration capabilities.
AI-native AppSec platform for code security analysis and vulnerability detection
Automated app security testing platform for Salesforce and B2C Commerce
SAST tool that detects vulnerabilities and malicious code in custom source code
Detects and prevents secrets leakage across the software development lifecycle
SAST tool that scans code for vulnerabilities in 30+ languages with CI/CD integration
AI-powered AppSec platform with agentic agents for vulnerability prevention & fix
Detects hardcoded secrets in code repos, commits, and containers
IaC security scanner detecting vulnerabilities and misconfigurations in templates
IaC scanner for Terraform, CloudFormation, and Helm misconfigurations
Common questions security professionals ask when evaluating alternatives and competitors to Dependencies.
The most popular alternatives to Dependencies include Kodem C.O.R.E., SonarSource SonarQube, DerScanner Full Cycle Application Security Testing, The Code Registry AI-Powered Code Intelligence, and Black Duck Code Sight IDE Plug-in. These Static Application Security Testing tools offer similar capabilities and are frequently compared by security professionals evaluating their options.
