Best Secure Code Review Software

Researched and written by Adam Crivello

Secure code review software enables either automated or manual code examination to seek out vulnerabilities and security risks. These solutions are similar to peer code review software, but they are specifically focused on ensuring security best practices as opposed to general coding best practices, and some solutions execute automated code review rather than enabling peer review. Manual secure code review software allows multiple developers to view and comment on changes to code so that the code’s author can remediate any security issues. Automated secure code review software takes the place of a human peer, scanning for noncompliant code and leaving remediation suggestions for the author.

This software helps DevSecOps teams to shift the onus of secure software onto developers, allowing teams to remediate security issues earlier in the continuous delivery process. In doing so, teams can better achieve secure code as the default, rather than risk deploying vulnerable software.

To qualify for inclusion in the Secure Code Review category, a product must:

  • Scan an author’s code or allow other developers to view it
  • Automatically leave comments on specific code, or allow other developers to do the same
  • Explicitly focus on code security
  • Send messages when requests for code review happen or code review comments are submitted

How Many Secure Code Review Software Products Does G2 Track?

Total Products under this Category: 68

Category Stats (Jun 2026)

  • Average Rating: 4.54/5 (↑0.01 vs May 2026) The average rating of products in this category, based on all submitted ratings
  • New Reviews This Quarter: 31
  • Buyer Segments: Small-Business 53% │ Mid-Market 32% │ Enterprise 15% Represents the distribution of reviewers across all products in this category.
  • Top Trending Product: Veracode Application Security Platform (+0.74%) - Among all products in this category, Veracode Application Security Platform recorded the largest rating increase compared to last month

Last updated: June 09, 2026

How Does G2 Rank Secure Code Review Software Products?

Why You Can Trust G2's Software Rankings:

  • 30 Analysts and Data Experts
  • 4,900+ Authentic Reviews
  • 68+ Products
  • Unbiased Rankings

G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category.

Featured Secure Code Review Software At A Glance

Free Plan Available:
OX Security
OX Security
Sponsored
You’re seeing this ad based on the product’s relevance to this page. Sponsored content does not receive preferential treatment in any of G2’s ratings.
Leader:
GitHub
Highest Performer:
OX Security
Easiest to Use:
GitGuardian
Top Trending:
Aikido Security
Best Free Software:
GitHub

GitHub

(2,366)4.7 out of 5
Product Description

GitHub is where the world builds software. Millions of individuals, organizations and businesses around the world use GitHub to discover, share, and contribute software. Developers at startups to Fort

Users: Software Engineer, Senior Software Engineer · Industries: Computer Software, Information Technology and Services · Market Segment: 47% Small-Business, 31% Mid-Market
ProsFeatures, Ease of Use, Team Collaboration, Version Control, Collaboration
ConsComplexity, Learning Curve, Difficulty for Beginners, Learning Difficulty, Steep Learning Curve
Year Founded
2008
HQ Location
San Francisco, CA
Company Website
https://github.com
Twitter
@github
LinkedIn® Page
https://www.linkedin.com/company/1418841/

Aikido Security

(141)4.6 out of 5
Product Description

Aikido Security is the developer-first security platform that unifies code, cloud, protection, and attack testing in one suite of best-in-class products. Built by developers for developers, Aikido hel

Users: CTO, Founder · Industries: Computer Software, Information Technology and Services · Market Segment: 70% Small-Business, 18% Mid-Market
ProsEase of Use, Security, Features, Easy Integrations, Easy Setup
ConsMissing Features, Expensive, Limited Features, Pricing Issues, Lacking Features
Year Founded
2022
HQ Location
Ghent, Belgium
Company Website
https://aikido.dev
Twitter
@AikidoSecurity
LinkedIn® Page
https://www.linkedin.com/company/aikido-security/
G2 Advertising
Sponsored
G2 Advertising
Get 2x conversion than Google Ads with G2 Advertising!
G2 Advertising places your product in premium positions on high-traffic pages and on targeted competitor pages to reach buyers at key comparison moments.

GitGuardian

(263)4.8 out of 5
Product Description

GitGuardian is an end-to-end NHI security platform designed to help organizations strengthen their Non-Human Identity (NHI) security posture and address compliance standards and regulations. As attack

Users: Software Engineer, Software Developer · Industries: Computer Software, Information Technology and Services · Market Segment: 84% Small-Business, 12% Mid-Market
ProsAlert Notifications, Security, Vulnerability Detection, Git Integration, Accuracy
ConsFalse Positives, Inefficient Notifications, Limited Customization, Confusing Interface, Difficulty for Beginners
Year Founded
2017
HQ Location
Paris, Île-de-France
Company Website
https://www.gitguardian.com/
Twitter
@GitGuardian
LinkedIn® Page
https://www.linkedin.com/company/gitguardian

GitLab

(896)4.5 out of 5
Product Description

GitLab is the most comprehensive AI-Powered DevSecOps platform that enables software innovation by empowering development, security, and operations teams to build better software, faster. With GitLab

Users: Software Engineer, Senior Software Engineer · Industries: Computer Software, Information Technology and Services · Market Segment: 37% Mid-Market, 36% Small-Business
ProsEase of Use, Features, CI, Integrations, CD Integration
ConsComplexity, Difficult Learning, Confusing Interface, Complex User Interface, Learning Curve
Year Founded
2014
HQ Location
San Francisco, California
Company Website
https://about.gitlab.com/
Twitter
@gitlab
LinkedIn® Page
https://www.linkedin.com/company/5101804/

SonarQube

(145)4.4 out of 5
Product Description

Sonar, the industry standard for code verification and automated code review, helps reduce outages, improve security, and lower risks associated with AI and agentic coding. As an independent verificat

Users: Software Engineer, DevOps Engineer · Industries: Information Technology and Services, Computer Software · Market Segment: 42% Enterprise, 39% Mid-Market
ProsCode Quality, Features, Issue Identification, Ease of Use, Easy Integrations
ConsSoftware Bugs, Complex Configuration, False Positives, Complexity, Complex Setup
Year Founded
2008
HQ Location
Geneva, Switzerland
Company Website
https://www.sonarsource.com
Twitter
@SonarSource
LinkedIn® Page
https://www.linkedin.com/company/sonarsource/

Microsoft Defender for Cloud

(314)4.4 out of 5
Product Description

Microsoft Defender for Cloud is a cloud native application protection platform for multicloud and hybrid environments with comprehensive security across the full lifecycle, from development to runtime

Users: Saas Consultant, Software Engineer · Industries: Information Technology and Services, Computer & Network Security · Market Segment: 39% Mid-Market, 35% Enterprise
ProsSecurity, Comprehensive Security, Cloud Security, Vulnerability Detection, Threat Detection
ConsComplexity, Expensive, Delayed Detection, False Positives, Improvement Needed
Year Founded
1975
HQ Location
Redmond, Washington
Company Website
https://www.microsoft.com/
Twitter
@microsoft
LinkedIn® Page
https://www.linkedin.com/company/microsoft/
Ownership
MSFT
Phone
+1 (877) 276-2464

Coverity

(55)4.2 out of 5
Product Description

Coverity® is a fast, accurate, and highly scalable static analysis (SAST) solution that helps development and security teams address security and quality defects early in the software development life

Users: Software Engineer · Industries: Computer Software, Information Technology and Services · Market Segment: 65% Enterprise, 27% Mid-Market
Year Founded
1986
HQ Location
Mountain View, CA
Company Website
https://www.synopsys.com/
Twitter
@synopsys
LinkedIn® Page
https://www.linkedin.com/company/2457/
Ownership
NASDAQ:SNPS

OX Security

(51)4.8 out of 5
Product Description

OX is redefining product security for the AI era. Founded by Neatsun Ziv and Lion Arzi, former Check Point executives, OX is the company behind VibeSec — the first AI-native vibe security platform.

Users: Security Engineer · Industries: Financial Services, Information Technology and Services · Market Segment: 63% Mid-Market, 25% Enterprise
ProsFeatures, Ease of Use, Customer Support, Integration Support, Security
ConsIntegration Issues, Missing Features, Complexity, Inadequate Reporting, Limited Cloud Integration
Year Founded
2021
HQ Location
New York, USA
Company Website
https://www.ox.security/
LinkedIn® Page
https://www.linkedin.com/company/ox-security/

DryRun Security

(20)4.9 out of 5
Product Description

Security leaders face a paradox: ship faster and enable agentic development while staying secure and keeping developers productive. DryRun Security resolves this by securing every pull request and rep

Industries: Computer & Network Security · Market Segment: 40% Small-Business, 30% Mid-Market
ProsSecurity, Vulnerability Detection, Features, Accuracy, Easy Setup
ConsSlow Performance, Slow Speed, UX Improvement, Limited Customization, Workflow Issues
Year Founded
2023
HQ Location
Austin, US
Company Website
https://dryrun.security
LinkedIn® Page
https://www.linkedin.com/company/dryrun-security/

Semgrep

(55)4.6 out of 5
Product Description

Semgrep is a modern static analysis (SAST), software composition analysis (SCA), and secrets detection platform designed for both developers and security teams. It combines fast, deterministic analysi

Industries: Information Technology and Services, Computer Software · Market Segment: 45% Enterprise, 42% Mid-Market
ProsEase of Use, Features, Vulnerability Detection, Scanning Efficiency, Security
ConsNot User-Friendly, Limited Features, Difficult Learning, Lack of Guidance, Learning Curve
Year Founded
2017
HQ Location
San Francisco, US
Company Website
https://semgrep.dev
Twitter
@semgrep
LinkedIn® Page
https://www.linkedin.com/company/returntocorp

Checkmarx

(43)4.2 out of 5
Product Description

Checkmarx is a type of application security solution designed to help organizations safeguard their software development processes while enhancing efficiency and reducing costs. The Checkmarx One plat

Industries: Information Technology and Services, Computer Software · Market Segment: 58% Enterprise, 21% Mid-Market
ProsImplementation Ease, User Interface, Accuracy of Results, Automation Testing, Customer Support
ConsFalse Positives, Lacking Features, Missing Features, Poor Navigation
Year Founded
2006
HQ Location
Paramus, NJ
Company Website
https://www.checkmarx.com
Twitter
@Checkmarx
LinkedIn® Page
https://www.linkedin.com/company/checkmarx

Jit

(43)4.5 out of 5
Product Description

Jit is redefining application security by introducing the first Agentic AppSec Platform, seamlessly blending human expertise with AI-driven automation. Designed for modern development teams, Jit empow

Industries: Computer Software, Financial Services · Market Segment: 44% Mid-Market, 42% Small-Business
ProsSecurity, Easy Integrations, Ease of Use, Efficiency, Integration Support
ConsIntegration Issues, Limited Features, Limited Integration, Poor Documentation, Complexity
Year Founded
2021
HQ Location
Boston, MA
Company Website
https://www.jit.io/
Twitter
@jit_io
LinkedIn® Page
https://www.linkedin.com/company/jit/

Assembla

(138)4.2 out of 5
Product Description

Assembla is the most secure version control and project collaboration platform in the world. We provide secure cloud hosting for Subversion, Perforce and Git repositories with integrated project manag

Users: Software Engineer · Industries: Computer Software, Information Technology and Services · Market Segment: 49% Small-Business, 41% Mid-Market
Year Founded
2005
HQ Location
San Antonio, TX
Company Website
https://www.assembla.com
Twitter
@assembla
LinkedIn® Page
https://www.linkedin.com/company/339775/

Kiuwan Code Security & Insights

(34)4.5 out of 5
Product Description

Fast, Flexible Code Security! Kiuwan is a robust, end-to-end application security platform that integrates seamlessly into your development process. Our toolset includes Static Application Secu

Industries: Information Technology and Services, Banking · Market Segment: 41% Enterprise, 35% Mid-Market
ProsAccuracy, Accuracy of Findings, Customer Support, Ease of Use, Automation Testing
Year Founded
2023
HQ Location
Austin, US
Company Website
https://www.sembi.com/
LinkedIn® Page
https://www.linkedin.com/company/sembi-inc/

Qodo

(63)4.7 out of 5
Product Description

Qodo is the AI Code Review Platform that helps development teams maintain code quality as AI accelerates development velocity. Qodo works across IDEs, Git platforms, and CLI to catch bugs earlier, enf

Users: Software Engineer · Industries: Computer Software, Information Technology and Services · Market Segment: 56% Small-Business, 24% Enterprise
ProsEase of Use, Functionality, Time-saving, Helpful, Automation
ConsSlow Performance, Learning Curve, Testing Issues, Bug Issues, Poor UI Design
Year Founded
2022
HQ Location
Tel Aviv, IL
Company Website
https://www.codium.ai/
Twitter
@CodiumAI
LinkedIn® Page
https://www.linkedin.com/company/codiumai/