Static Application Security Testing

Binary analysis tool providing file summaries and security assessments

A JavaScript security scanning platform that detects exposed secrets, API keys, and vulnerabilities in JavaScript files through continuous monitoring and automated discovery.

An IDE-integrated AI security solution that detects, remediates, and educates about code vulnerabilities in real-time as developers write code.

A DevSecOps platform that combines SAST, DAST, SCA, and secret scanning with AI/ML-based analysis for continuous application security testing and vulnerability management.

A static application security testing (SAST) platform that performs comprehensive source code analysis to identify vulnerabilities, malware, and security issues in application code and dependencies.

DerScanner is a comprehensive application security testing platform that combines SAST, DAST, MAST, SCA, and Binary Analysis capabilities with support for on-premises deployment and CI/CD integration.

An AI-powered code security tool that analyzes code for vulnerabilities

Qwiet AI is an application security platform that combines SAST, SCA, container security, secrets detection, and SBOM scanning with AI-powered vulnerability prioritization and automated fix generation.

An application security testing platform that combines automated scanning, AI assistance, and manual expert testing to provide continuous security assessment throughout the software development lifecycle.

A self-managed static code analysis platform that conducts continuous inspection of codebases to identify security vulnerabilities, bugs, and code quality issues.

A security analysis platform that combines SAST, SCA, SBOM generation and AI-assisted remediation to detect and fix vulnerabilities during the software development lifecycle.

An automated code security tool that analyzes repositories, identifies vulnerabilities, and generates pull requests with fixes while integrating with existing development workflows.

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

An automated code remediation tool that integrates with source control platforms to automatically fix security vulnerabilities in code through AI-driven analysis and one-click implementations.

A secret scanning tool that examines NPM modules and ZIP files for exposed credentials and sensitive information using nuclei templates.

Backslash Security is an application security platform that uses reachability analysis to enhance SAST and SCA, prioritize vulnerabilities, and provide remediation guidance.

Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.

Octoscan is a static analysis tool that scans GitHub Actions workflows for security vulnerabilities and misconfigurations.

Snyk Code is a real-time SAST tool that provides secure code analysis and actionable remediation advice to prevent code delays and ensure secure development.

Checkmarx One SAST is a static application security testing tool that combines speed and security to improve developer experience.

Veracode is an intelligent software security platform that helps developers and security teams secure code, find and fix flaws, and automate remediation.

A developer-first, API-driven platform that provides development teams with a suite of tools to improve code quality, security, and engineering performance, seamlessly integrated into their existing development workflows.

VIDOC is an AI-powered security tool that automates code review, detects and fixes vulnerabilities, and monitors external security, ensuring the integrity of both human-written and AI-generated code in software development pipelines.

A command-line tool that scans textual data and Git history to identify and locate secrets, API keys, passwords, and other sensitive information.