Static Application Security Testing Tools
Static Application Security Testing (SAST) tools for static code analysis that detect security vulnerabilities and coding flaws in source code during development.
Browse 180 static application security testing tools
Trending Categories
Digital Forensics and Incident Response (524): Digital Forensics and Incident Response (DFIR) tools for digital forensic analysis, evidence collection, malware analysis, and cyber incident investigation.
Threat Intelligence Platforms (413): Threat Intelligence Platforms (TIP) for collecting, analyzing, and sharing cyber threat data, indicators of compromise (IOCs), and threat feeds.
Managed Detection and Response (299): Managed Detection and Response (MDR) services that provide 24/7 threat monitoring, detection, and response capabilities managed by security experts.
Multi-Factor Authentication and Single Sign-On (296): Multi-factor authentication (MFA) and single sign-on (SSO) solutions for secure user authentication and access control.
Identity Governance and Administration (289): Identity Governance and Administration (IGA) platforms for identity lifecycle management, access governance, role management, and compliance reporting.
180 tools · 57 free, 123 commercial
Static Application Security Testing Tools FAQ
Common questions about Static Application Security Testing tools, selection guides, pricing, and comparisons.
Reduce false positives by: tuning rules to your technology stack and coding patterns, using incremental scanning (only scan changed code), establishing a baseline and triaging existing findings, integrating SAST results with IAST or DAST to validate findings at runtime, and configuring suppressions for known safe patterns specific to your codebase.