Introducing G2.ai, the future of software buying.Try now
Top Free Software Composition Analysis Tools
Check out our list of free Software Composition Analysis Tools. Products featured on this list are the ones that offer a free trial version. As with most free versions, there are limitations, typically time or features.
If you'd like to see more products and to evaluate additional feature options, compare all Software Composition Analysis Tools to ensure you get the right product.
View Free Software Composition Analysis Tools
G2 takes pride in showing unbiased reviews on user satisfaction in our ratings and reports. We do not allow paid placements in any of our ratings, rankings, or reports. Learn about our scoring methodologies.
38 Software Composition Analysis Products Available
View all Software Composition Analysis Tools
(858)4.5 out of 5
Optimized for quick response
5th Easiest To Use in Software Composition Analysis software
View top Consulting Services for GitLab
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
GitLab is the most comprehensive AI-Powered DevSecOps platform that enables software innovation by empowering development, security, and operations teams to build better software, faster. With GitLab
Users
- Software Engineer
- Senior Software Engineer
Industries
- Computer Software
- Information Technology and Services
Market Segment
- 37% Small-Business
- 37% Mid-Market
GitLab features and usability ratings that predict user satisfaction
8.5
Quality of Support
Average: 9.0
8.7
Language Support
Average: 8.6
8.9
Continuous Monitoring
Average: 8.9
8.8
Integration
Average: 8.8
SR
What I appreciate most about GitLab, especially in the context of complying with ISO 27001 standards, is its comprehensive security features and... Read review
VP
Easy to build and deploy code, highly secure environment Read review
Seller Details
HQ Location
San Francisco, CaliforniaTwitter
@gitlab168,902 Twitter followers
(2,263)4.7 out of 5
6th Easiest To Use in Software Composition Analysis software
View top Consulting Services for GitHub
Entry Level Price:Free
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
GitHub is where the world builds software. Millions of individuals, organizations and businesses around the world use GitHub to discover, share, and contribute software. Developers at startups to Fort
Users
- Software Engineer
- Senior Software Engineer
Industries
- Computer Software
- Information Technology and Services
Market Segment
- 46% Small-Business
- 30% Mid-Market
GitHub features and usability ratings that predict user satisfaction
8.8
Quality of Support
Average: 9.0
8.9
Language Support
Average: 8.6
9.1
Continuous Monitoring
Average: 8.9
9.1
Integration
Average: 8.8
UC
GitHub makes it simple to manage code with Git, collaborate with teams, and contribute to open-source projects. I like its pull requests, issue... Read review
UC
Github is extremely user-friendly, making it simple to push code and host websites. For those unfamiliar with Git commands, it offers the... Read review
Seller Details
Twitter
@github2,604,424 Twitter followers
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
Mend.io offers the first AI native application security platform, empowering organizations to build and run a proactive AppSec program tuned for AI powered development. The unified platform secures AI
Users
- Software Engineer
Industries
- Computer Software
- Information Technology and Services
Market Segment
- 38% Small-Business
- 34% Mid-Market
Mend.io features and usability ratings that predict user satisfaction
8.7
Quality of Support
Average: 9.0
8.5
Language Support
Average: 8.6
8.8
Continuous Monitoring
Average: 8.9
8.5
Integration
Average: 8.8
VS
Interface and flow of the application.Also the simplicity Read review
MT
The best thing is the security and easy to use. The mend bot offers couple of qualities to protect your projects against several security protocols... Read review
Seller Details
Twitter
@Mend_io11,407 Twitter followers
(738)4.7 out of 5
Optimized for quick response
1st Easiest To Use in Software Composition Analysis software
View top Consulting Services for Wiz
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
Wiz transforms cloud security for customers – including more than 50% of the Fortune 100 – by enabling a new operating model. With Wiz, organizations can democratize security across the developme
Users
- CISO
- Security Engineer
Industries
- Financial Services
- Computer Software
Market Segment
- 54% Enterprise
- 38% Mid-Market
Wiz features and usability ratings that predict user satisfaction
9.2
Quality of Support
Average: 9.0
8.8
Language Support
Average: 8.6
9.2
Continuous Monitoring
Average: 8.9
9.3
Integration
Average: 8.8
KL
Wiz.io enables my small SaaS company with enterprise-grade security solutions for our cloud-native environments by simplifying security management,... Read review
JS
The ease of use and the ability for us to have our application teams get just the information they needed was why we selected the product. Getting... Read review
Seller Details
HQ Location
New York, USTwitter
@wiz_io18,941 Twitter followers
(88)4.5 out of 5
Optimized for quick response
11th Easiest To Use in Software Composition Analysis software
Entry Level Price:Starting at $11,000.00
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
By scanning the source code of your applications, CAST Highlight instantly maps your software, generating the insights to understand, improve, and transform it. CIOs, CTOs, Enterprise Architects u
Users
No information available
Industries
- Information Technology and Services
- Computer Software
Market Segment
- 58% Enterprise
- 25% Small-Business
CAST Highlight features and usability ratings that predict user satisfaction
9.1
Quality of Support
Average: 9.0
8.5
Language Support
Average: 8.6
8.5
Continuous Monitoring
Average: 8.9
8.4
Integration
Average: 8.8
CI
Allows rapid scanning of multiple applications simultaneously.
Supports GDPR
Provides insight into Software health, cloud readiness, licensing... Read review
PG
Cloud Readiness/Container Blockers is a differentiator
Much functionality is also available in tools like Blackduck,Polaris Read review
Seller Details
HQ Location
New YorkTwitter
@SW_Intelligence1,854 Twitter followers
Entry Level Price:Free
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
SOOS is the complete application security posture management platform. Scan your software for vulnerabilities, control the introduction of new dependencies, exclude unwanted license types, generate an
Users
No information available
Industries
- Information Technology and Services
- Computer Software
Market Segment
- 51% Mid-Market
- 44% Small-Business
SOOS features and usability ratings that predict user satisfaction
9.3
Quality of Support
Average: 9.0
9.5
Language Support
Average: 8.6
9.3
Continuous Monitoring
Average: 8.9
9.5
Integration
Average: 8.8
JB
Cost-effective for startups. I always put off scanning my open-source libraries because the cost was too high to bear. SOOS takes that off the table. Read review
JG
SOOS works about as well as Snyk or Sonatype for SCA, and at about 0.1% of the price.
Their support has been super responsive and helpful when... Read review
Seller Details
HQ Location
Winooski, USTwitter
@soostech50 Twitter followers
(100)4.6 out of 5
Optimized for quick response
2nd Easiest To Use in Software Composition Analysis software
Entry Level Price:Free
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
Aikido Security is the developer-first security platform that unifies code, cloud, protection, and attack testing in one suite of best-in-class products. Built by developers for developers, Aikido hel
Users
- CTO
- Founder
Industries
- Computer Software
- Information Technology and Services
Market Segment
- 76% Small-Business
- 21% Mid-Market
Aikido Security features and usability ratings that predict user satisfaction
9.4
Quality of Support
Average: 9.0
9.0
Language Support
Average: 8.6
9.0
Continuous Monitoring
Average: 8.9
9.0
Integration
Average: 8.8
DE
In the 9 months we have been using Aikido, we have been very impressed with the offering. They have a significant number of tools available (SAST,... Read review
WM
The ease of setup and the overall UX have an astoundingly low barrier to entry, but as an experienced SRE/infra engineer, I can still find my way... Read review
Seller Details
HQ Location
Ghent, BelgiumTwitter
@AikidoSecurity3,796 Twitter followers
(51)4.8 out of 5
9th Easiest To Use in Software Composition Analysis software
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
OX is redefining product security for the AI era. Founded by Neatsun Ziv and Lion Arzi, former Check Point executives, OX is the company behind VibeSec — the first AI-native vibe security platform.
Users
- Security Engineer
Industries
- Financial Services
- Information Technology and Services
Market Segment
- 63% Mid-Market
- 25% Enterprise
OX Security features and usability ratings that predict user satisfaction
9.6
Quality of Support
Average: 9.0
8.7
Language Support
Average: 8.6
8.8
Continuous Monitoring
Average: 8.9
9.4
Integration
Average: 8.8
EA
As one of OX Security's first customers, I was searching for an effective solution to upscale Upstream Security's application security stack. I... Read review
UI
Best Free Solution for private users who want to check their repos. Read review
Seller Details
Seller
OX SecurityYear Founded
2021HQ Location
New York, USA
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
Organizations worldwide use Black Duck’s industry-leading products to secure and manage open source software, eliminating the pain related to security vulnerabilities, compliance and operational risk.
Users
No information available
Industries
- Information Technology and Services
- Computer Software
Market Segment
- 48% Enterprise
- 33% Mid-Market
Black Duck features and usability ratings that predict user satisfaction
7.7
Quality of Support
Average: 9.0
9.2
Language Support
Average: 8.6
8.0
Continuous Monitoring
Average: 8.9
8.0
Integration
Average: 8.8
UP
It is very thorough. As a best I included a small snippet of code I copied from a obscure blog. It identified the code. Read review
SM
One of the top solution providers to help manage security vulnerabilities, code quality, code smells, bugs and compliance risk associated with... Read review
Seller Details
Twitter
@synopsys23,448 Twitter followers
Ownership
NASDAQ:SNPS
(51)4.5 out of 5
10th Easiest To Use in Software Composition Analysis software
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
Contrast Security is the global leader in Application Detection and Response (ADR), empowering organizations to see and stop attacks on applications and APIs in real time. Contrast embeds patented thr
Users
No information available
Industries
- Insurance
- Computer Software
Market Segment
- 67% Enterprise
- 20% Mid-Market
Contrast Security features and usability ratings that predict user satisfaction
9.3
Quality of Support
Average: 9.0
8.1
Language Support
Average: 8.6
9.0
Continuous Monitoring
Average: 8.9
8.8
Integration
Average: 8.8
EI
Contrast delivers easy and fast vulnerability data about our applications (IDE environments) that continues through production with the RASP... Read review
DK
It's free to some extent
Fast then most security scanners Read review
Seller Details
HQ Location
Pleasanton, CATwitter
@contrastsec5,540 Twitter followers
(54)4.6 out of 5
8th Easiest To Use in Software Composition Analysis software
View top Consulting Services for Semgrep
Entry Level Price:Starting at $40.00
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
Semgrep is a modern static analysis (SAST), software composition analysis (SCA), and secrets detection platform designed for both developers and security teams. It combines fast, deterministic analysi
Users
No information available
Industries
- Information Technology and Services
- Computer Software
Market Segment
- 46% Enterprise
- 41% Mid-Market
Semgrep features and usability ratings that predict user satisfaction
8.8
Quality of Support
Average: 9.0
8.4
Language Support
Average: 8.6
8.3
Continuous Monitoring
Average: 8.9
8.2
Integration
Average: 8.8
AF
Easy to add custom rules (e.g. by using the online rule editor). Also, Semgrep App has some nice, convenient features (like private rule repository). Read review
AI
The Semgrep supply chain is a boon for application and product security teams. Backed by the already solid Semgrep engine, it can quickly surface... Read review
Seller Details
HQ Location
San Francisco, USTwitter
@semgrep4,095 Twitter followers
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
MergeBase is revolutionizing software supply chain protection with a full-featured, developer-oriented SCA solution that brings the lowest false positives in the industry and complete DevOps coverage
Users
No information available
Industries
- Computer Software
Market Segment
- 40% Small-Business
- 35% Mid-Market
MergeBase features and usability ratings that predict user satisfaction
9.3
Quality of Support
Average: 9.0
7.9
Language Support
Average: 8.6
8.5
Continuous Monitoring
Average: 8.9
8.5
Integration
Average: 8.8
DG
The best feature of MergeBase has to be it's ease of usage. Development for future becomes super easy purely because of the intuitiveness of the... Read review
CM
It helps in reducing risk in whole product development by suggesting and removing vulnerabilities
An all in one product+ consultation solution on... Read review
Seller Details
Twitter
@mergebasesecure92 Twitter followers
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
Automatically build Python, Perl and Tcl runtimes for Windows, Linux and Mac, or download one of our popular pre-built ActivePython, ActivePerl or ActiveTcl distributions. ActiveState has been cre
Users
No information available
Industries
- Computer & Network Security
- Computer Software
Market Segment
- 53% Small-Business
- 26% Mid-Market
ActiveState Platform features and usability ratings that predict user satisfaction
8.8
Quality of Support
Average: 9.0
8.3
Language Support
Average: 8.6
9.4
Continuous Monitoring
Average: 8.9
8.9
Integration
Average: 8.8
M
the great advantages it offers to develop my projects in terms of security in addition to the great community ready-to-use software supply chain... Read review
AH
Easy to use
fast
active community to help if I encounter problems Read review
Seller Details
Twitter
@ActiveState4,043 Twitter followers
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
Open source is a critical part of your software. In the average modern software product, over 80% of the source code shipped is derived from open source. Each component can have cascading legal, secur
Users
No information available
Industries
- Computer Software
Market Segment
- 47% Small-Business
- 33% Mid-Market
FOSSA features and usability ratings that predict user satisfaction
8.3
Quality of Support
Average: 9.0
8.8
Language Support
Average: 8.6
8.5
Continuous Monitoring
Average: 8.9
9.2
Integration
Average: 8.8
JJ
It reduces the time needed to identify open-source licensing issues. It is easy to use and it is user-friendly. It allows you to know the licenses... Read review
IL
FOSSA stands for Free and Open Source Software Analysis which automates the management of open source compliance and security. Up to 90% of the... Read review
Seller Details
Twitter
@getfossa775 Twitter followers
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
Cortex Cloud by Palo Alto Networks, the next version of Prisma Cloud, understands a unified security approach is essential for effectively addressing AppSec, CloudSec, and SecOps. Connecting cloud sec
Users
No information available
Industries
- Information Technology and Services
- Computer & Network Security
Market Segment
- 38% Enterprise
- 32% Mid-Market
Cortex Cloud features and usability ratings that predict user satisfaction
7.9
Quality of Support
Average: 9.0
6.7
Language Support
Average: 8.6
7.2
Continuous Monitoring
Average: 8.9
9.2
Integration
Average: 8.8
UL
Strong cloud security – It catches misconfigurations and vulnerabilities fast.
Easy to use – The dashboard is clean and gives clear... Read review
UC
Gets the job done and has a good user interface. Smooth user experience and is usually free from any bugs. Support and implementation are also good... Read review
Seller Details
Twitter
@PaloAltoNtwks127,297 Twitter followers
Ownership
NYSE: PANWHunting for software insights?
With over 3 million reviews, we can provide the specific details that help you make an informed software buying decision for your business. Finding the right product is important, let us help.
