Best Enterprise Static Application Security Testing (SAST) Software
Products classified in the overall Static Application Security Testing (SAST) category are similar in many regards and help companies of all sizes solve their business problems. However, enterprise business features, pricing, setup, and installation differ from businesses of other sizes, which is why we match buyers to the right Enterprise Business Static Application Security Testing (SAST) to fit their needs. Compare product ratings based on reviews from enterprise users or connect with one of G2's buying advisors to find the right solutions within the Enterprise Business Static Application Security Testing (SAST) category.
In addition to qualifying for inclusion in the Static Application Security Testing (SAST) Software category, to qualify for inclusion in the Enterprise Business Static Application Security Testing (SAST) Software category, a product must have at least 10 reviews left by a reviewer from an enterprise business.
G2 takes pride in showing unbiased reviews on user satisfaction in our ratings and reports. We do not allow paid placements in any of our ratings, rankings, or reports. Learn about our scoring methodologies.
- Overview
- Pros and Cons
- User Satisfaction
- Seller Details
GitHub is where the world builds software. Millions of individuals, organizations and businesses around the world use GitHub to discover, share, and contribute software. Developers at startups to Fort
- Software Engineer
- Senior Software Engineer
- Computer Software
- Information Technology and Services
- 47% Small-Business
- 31% Mid-Market
2,624,281 Twitter followers
- Overview
- Pros and Cons
- User Satisfaction
- Seller Details
GitLab is the most comprehensive AI-Powered DevSecOps platform that enables software innovation by empowering development, security, and operations teams to build better software, faster. With GitLab
- Software Engineer
- Senior Software Engineer
- Computer Software
- Information Technology and Services
- 37% Mid-Market
- 37% Small-Business
170,258 Twitter followers
- Overview
- Pros and Cons
- User Satisfaction
- Seller Details
Semgrep is a modern static analysis (SAST), software composition analysis (SCA), and secrets detection platform designed for both developers and security teams. It combines fast, deterministic analysi
- Information Technology and Services
- Computer Software
- 46% Enterprise
- 41% Mid-Market
4,198 Twitter followers
- Overview
- Pros and Cons
- User Satisfaction
- Seller Details
SonarQube is the industry leader in automated code review, serving as the verification layer for code quality and security in the AI-powered SDLC. SonarQube ensures all code—whether written by develop
- Software Engineer
- DevOps Engineer
- Information Technology and Services
- Computer Software
- 42% Enterprise
- 38% Mid-Market
10,916 Twitter followers
- Overview
- User Satisfaction
- Seller Details
Coverity® is a fast, accurate, and highly scalable static analysis (SAST) solution that helps development and security teams address security and quality defects early in the software development life
- Software Engineer
- Computer Software
- Information Technology and Services
- 65% Enterprise
- 27% Mid-Market
24,140 Twitter followers
- Overview
- Pros and Cons
- User Satisfaction
- Seller Details
Checkmarx is the leader in agentic application security, delivering enterprise-grade protection while lowering engineering costs and accelerating development velocity. The Checkmarx One platform scans
- Information Technology and Services
- Computer Software
- 58% Enterprise
- 25% Mid-Market
7,216 Twitter followers
- Overview
- User Satisfaction
- Seller Details
HCL AppScan is a comprehensive suite of market-leading application security testing solutions (SAST, DAST, IAST, SCA, API), available on-premises and on-cloud. These powerful DevSecOps tools pinpoint
- Information Technology and Services
- Computer & Network Security
- 54% Enterprise
- 28% Small-Business
425,792 Twitter followers
- Overview
- Pros and Cons
- User Satisfaction
- Seller Details
Snyk (pronounced sneak) is a developer security platform for securing custom code, open source dependencies, containers, and cloud infrastructure all from a single platform. Snyk’s developer securit
- Software Engineer
- Computer Software
- Information Technology and Services
- 43% Mid-Market
- 36% Small-Business
20,316 Twitter followers
- Overview
- Pros and Cons
- User Satisfaction
- Seller Details
Invicti is an automated application and API security testing solution that allows enterprise organizations to secure thousands of websites, web apps, and APIs and dramatically reduce the risk of attac
- Computer Software
- Information Technology and Services
- 47% Enterprise
- 26% Mid-Market
2,559 Twitter followers
- Overview
- Pros and Cons
- User Satisfaction
- Seller Details
Contrast Security is the global leader in Application Detection and Response (ADR), empowering organizations to see and stop attacks on applications and APIs in real time. Contrast embeds patented thr
- Insurance
- Information Technology and Services
- 67% Enterprise
- 20% Mid-Market
5,496 Twitter followers
- Overview
- Pros and Cons
- User Satisfaction
- Seller Details
JFrog Ltd. (Nasdaq: FROG), the creators of the unified DevOps, DevSecOps, DevGovOps and MLOps platform, is on a mission to create a world of software delivered without friction from development to pro
- DevOps Engineer
- Software Engineer
- Information Technology and Services
- Computer Software
- 52% Enterprise
- 32% Mid-Market
23,132 Twitter followers
- Overview
- User Satisfaction
- Seller Details
CodeScan Shield addresses code quality, security, and compliance liabilities with two automated modules: CodeScan and OrgScan. CodeScan provides static code analysis for total visibility into code h
- Information Technology and Services
- Computer Software
- 44% Enterprise
- 38% Mid-Market
1,243 Twitter followers
