Application Security for Static Analysis

Mandos

Commercial

Consulting

Checkmarx SCA

Commercial

Application Security

Orca Security

Commercial

Cloud Security

DryRun

Commercial

Application Security

LATEST ADDITIONS

• 

  Symbiotic Security

  An IDE-integrated AI security solution that detects, remediates, and educates about code vulnerabilities in real-time as developers write code.

  0

  Commercial

  Application Security

  Ai

  Application Security

  Code Security

  Security Automation

  Devsecops

  Security Analysis

  Vulnerability Detection

  Security Education

  Ide

  Static Analysis

  Share

  

  Symbiotic Security

  An IDE-integrated AI security solution that detects, remediates, and educates about code vulnerabilities in real-time as developers write code.

  0

  Commercial

  Application Security

  Ai

  Application Security

  Code Security

  +7
• 

  ImmuniWeb® MobileSuite

  ImmuniWeb MobileSuite is a mobile application penetration testing platform that combines AI-powered automation with manual security testing to assess mobile apps and their backend infrastructure for security vulnerabilities and compliance requirements.

  0

  Commercial

  Application Security

  Mobile Security

  Penetration Testing

  Application Security

  Api Security

  Owasp

  Compliance

  Vulnerability Assessment

  Static Analysis

  Dynamic Analysis

  Android Security

  Ios

  Devsecops

  Security Testing

  Appsec

  Share

  

  ImmuniWeb® MobileSuite

  ImmuniWeb MobileSuite is a mobile application penetration testing platform that combines AI-powered automation with manual security testing to assess mobile apps and their backend infrastructure for security vulnerabilities and compliance requirements.

  0

  Commercial

  Application Security

  Mobile Security

  Penetration Testing

  Application Security

  +11
• 

  ReversingLabs Spectra Assure

  A software supply chain security platform that analyzes binaries and software components to detect malware, vulnerabilities, exposed secrets, and tampering throughout the development lifecycle.

  1

  Commercial

  Application Security

  Software Supply Chain

  Binary Analysis

  Vulnerability Detection

  Malware Detection

  Security Scanning

  Devsecops

  Threat Intelligence

  Static Analysis

  Dynamic Analysis

  Secret Detection

  Share

  

  ReversingLabs Spectra Assure

  A software supply chain security platform that analyzes binaries and software components to detect malware, vulnerabilities, exposed secrets, and tampering throughout the development lifecycle.

  1

  Commercial

  Application Security

  Software Supply Chain

  Binary Analysis

  Vulnerability Detection

  +7
• 

  Offensive 360

  A static application security testing (SAST) platform that performs comprehensive source code analysis to identify vulnerabilities, malware, and security issues in application code and dependencies.

  0

  Commercial

  Application Security

  Application Security

  Static Analysis

  Source Code Analysis

  Vulnerability Detection

  Security Scanning

  Devsecops

  Malware Detection

  Dependency Scanning

  Ci Cd

  Code Security

  Share

  

  Offensive 360

  A static application security testing (SAST) platform that performs comprehensive source code analysis to identify vulnerabilities, malware, and security issues in application code and dependencies.

  0

  Commercial

  Application Security

  Application Security

  Static Analysis

  Source Code Analysis

  +7
• 

  OpenText Fortify Aviator

  An AI-powered code security tool that analyzes code for vulnerabilities and provides automated fix suggestions to accelerate remediation.

  0

  Commercial

  Application Security

  Ai

  Application Security

  Code Security

  Security Automation

  Static Analysis

  Vulnerability Management

  Sast

  Devsecops

  Security Testing

  Large Language Models

  Share

  

  OpenText Fortify Aviator

  An AI-powered code security tool that analyzes code for vulnerabilities and provides automated fix suggestions to accelerate remediation.

  0

  Commercial

  Application Security

  Ai

  Application Security

  Code Security

  +7
• 

  Qwiet

  Qwiet AI is an application security platform that combines SAST, SCA, container security, secrets detection, and SBOM scanning with AI-powered vulnerability prioritization and automated fix generation.

  0

  Commercial

  Application Security

  Application Security

  Ai

  Sast

  Static Analysis

  Vulnerability Management

  Devsecops

  Security Automation

  Code Security

  Sbom

  Secrets

  Share

  

  Qwiet

  Qwiet AI is an application security platform that combines SAST, SCA, container security, secrets detection, and SBOM scanning with AI-powered vulnerability prioritization and automated fix generation.

  0

  Commercial

  Application Security

  Application Security

  Ai

  Sast

  +7
• 

  SonarQube Server

  A self-managed static code analysis platform that conducts continuous inspection of codebases to identify security vulnerabilities, bugs, and code quality issues.

  0

  Commercial

  Application Security

  Application Security

  Static Analysis

  Security Scanning

  Vulnerability Detection

  Code Security

  Ci Cd

  Security Testing

  Sast

  Devsecops

  Source Code Analysis

  Share

  

  SonarQube Server

  A self-managed static code analysis platform that conducts continuous inspection of codebases to identify security vulnerabilities, bugs, and code quality issues.

  0

  Commercial

  Application Security

  Application Security

  Static Analysis

  Security Scanning

  +7
• 

  Flyingduck

  A security analysis platform that combines SAST, SCA, SBOM generation and AI-assisted remediation to detect and fix vulnerabilities during the software development lifecycle.

  2

  Commercial

  Application Security

  Application Security

  Static Analysis

  Devsecops

  Ci Cd

  Vulnerability Detection

  Dependency Scanning

  Sbom

  Ai

  Security Automation

  Github

  Share

  

  Flyingduck

  A security analysis platform that combines SAST, SCA, SBOM generation and AI-assisted remediation to detect and fix vulnerabilities during the software development lifecycle.

  2

  Commercial

  Application Security

  Application Security

  Static Analysis

  Devsecops

  +7
• 

  DryRun

  A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

  1

  Commercial

  Application Security

  Application Security

  Github

  Code Security

  Static Analysis

  Security Automation

  Devsecops

  Share

  

  DryRun

  A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

  1

  Commercial

  Application Security

  Application Security

  Github

  Code Security

  +3
• 

  Octoscan

  Octoscan is a static analysis tool that scans GitHub Actions workflows for security vulnerabilities and misconfigurations.

  0

  Free

  Application Security

  Github

  Ci Cd

  Static Analysis

  Vulnerability Scanning

  Workflow

  Security Automation

  Share

  

  Octoscan

  Octoscan is a static analysis tool that scans GitHub Actions workflows for security vulnerabilities and misconfigurations.

  0

  Free

  Application Security

  Github

  Ci Cd

  Static Analysis

  +3
• 

  detect-secrets

  A code scanning tool that detects and prevents secrets like API keys and credentials from being committed to source code repositories.

  0

  Free

  Application Security

  Application Security

  Secret Detection

  Devsecops

  Source Code Analysis

  Static Analysis

  Security Scanning

  Cli Tool

  Automation

  Secret Management

  Appsec

  Share

  

  detect-secrets

  A code scanning tool that detects and prevents secrets like API keys and credentials from being committed to source code repositories.

  0

  Free

  Application Security

  Application Security

  Secret Detection

  Devsecops

  +7
• 

  StaCoAn

  StaCoAn is a cross-platform tool for static code analysis on mobile applications, emphasizing the identification of security vulnerabilities.

  0

  Free

  Application Security

  Mobile Security

  Static Analysis

  Code Analysis

  Share

  

  StaCoAn

  StaCoAn is a cross-platform tool for static code analysis on mobile applications, emphasizing the identification of security vulnerabilities.

  0

  Free

  Application Security

  Mobile Security

  Static Analysis

  Code Analysis
• 

  APKLeaks

  APKLeaks is a command-line tool that scans Android APK files to identify URIs, endpoints, and secrets embedded within application code.

  0

  Free

  Application Security

  Android

  Apk

  Mobile Security

  Static Analysis

  Security Scanning

  Application Security

  Secret Detection

  Android Security

  Appsec

  Share

  

  APKLeaks

  APKLeaks is a command-line tool that scans Android APK files to identify URIs, endpoints, and secrets embedded within application code.

  0

  Free

  Application Security

  Android

  Apk

  Mobile Security

  +6
• 

  Bearer CLI

  Static application security testing (SAST) tool for scanning source code against security and privacy risks.

  0

  Free

  Application Security

  Appsec

  Sast

  Static Analysis

  Security Testing

  Vulnerability Scanning

  Code Security

  Share

  

  Bearer CLI

  Static application security testing (SAST) tool for scanning source code against security and privacy risks.

  0

  Free

  Application Security

  Appsec

  Sast

  Static Analysis

  +3
• 

  Argus-SAF

  Argus-SAF is a static analysis framework for security vetting Android applications.

  0

  Free

  Application Security

  Static Analysis

  Mobile Security

  Share

  

  Argus-SAF

  Argus-SAF is a static analysis framework for security vetting Android applications.

  0

  Free

  Application Security

  Static Analysis

  Mobile Security
• 

  Whispers

  A static code analysis tool for parsing common data formats to detect hardcoded credentials and dangerous functions.

  0

  Free

  Application Security

  Static Analysis

  Code Analysis

  File Analysis

  Share

  

  Whispers

  A static code analysis tool for parsing common data formats to detect hardcoded credentials and dangerous functions.

  0

  Free

  Application Security

  Static Analysis

  Code Analysis

  File Analysis
• 

  FlowDroid

  FlowDroid is a context-, flow-, field-, object-sensitive and lifecycle-aware static taint analysis tool for Android applications.

  0

  Free

  Application Security

  Static Analysis

  Flow Analysis

  Share

  

  FlowDroid

  FlowDroid is a context-, flow-, field-, object-sensitive and lifecycle-aware static taint analysis tool for Android applications.

  0

  Free

  Application Security

  Static Analysis

  Flow Analysis
• 

  Androguard module for Yara

  Integrates static APK analysis with Yara and requires re-compilation of Yara with the androguard module.

  0

  Free

  Application Security

  Androguard

  Android Security

  Yara

  Static Analysis

  Mobile Security

  Share

  

  Androguard module for Yara

  Integrates static APK analysis with Yara and requires re-compilation of Yara with the androguard module.

  0

  Free

  Application Security

  Androguard

  Android Security

  Yara

  +2
• 

  Stowaway

  A static analysis tool for Android apps that detects malware and other malicious code

  0

  Free

  Application Security

  Appsec

  Binary Security

  Malware Detection

  Static Analysis

  Share

  

  Stowaway

  A static analysis tool for Android apps that detects malware and other malicious code

  0

  Free

  Application Security

  Appsec

  Binary Security

  Malware Detection

  +1
• 

  NodeJsScan

  Static security code scanner (SAST) for Node.js applications with Docker support and integrations with Slack.

  0

  Free

  Application Security

  Nodejs

  Sast

  Static Analysis

  Security Testing

  Devsecops

  Share

  

  NodeJsScan

  Static security code scanner (SAST) for Node.js applications with Docker support and integrations with Slack.

  0

  Free

  Application Security

  Nodejs

  Sast

  Static Analysis

  +2
• 

  Joint Advanced Application Defect Assessment for Android Application (JAADAS)

  JAADAS is a powerful tool for static analysis of Android applications, providing features like API misuse analysis and inter-procedure dataflow analysis.

  0

  Free

  Application Security

  Static Analysis

  Java

  Vulnerability Detection

  Share

  

  Joint Advanced Application Defect Assessment for Android Application (JAADAS)

  JAADAS is a powerful tool for static analysis of Android applications, providing features like API misuse analysis and inter-procedure dataflow analysis.

  0

  Free

  Application Security

  Static Analysis

  Java

  Vulnerability Detection