Introducing G2.ai, the future of software buying.Try now
Top Free Static Application Security Testing (SAST) Software
Check out our list of free Static Application Security Testing (SAST) Software. Products featured on this list are the ones that offer a free trial version. As with most free versions, there are limitations, typically time or features.
If you'd like to see more products and to evaluate additional feature options, compare all Static Application Security Testing (SAST) Software to ensure you get the right product.
View Free Static Application Security Testing (SAST) Software
G2 takes pride in showing unbiased reviews on user satisfaction in our ratings and reports. We do not allow paid placements in any of our ratings, rankings, or reports. Learn about our scoring methodologies.
39 Static Application Security Testing (SAST) Products Available
(2,263)4.7 out of 5
3rd Easiest To Use in Static Application Security Testing (SAST) software
View top Consulting Services for GitHub
Entry Level Price:Free
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
GitHub is where the world builds software. Millions of individuals, organizations and businesses around the world use GitHub to discover, share, and contribute software. Developers at startups to Fort
Users
- Software Engineer
- Senior Software Engineer
Industries
- Computer Software
- Information Technology and Services
Market Segment
- 46% Small-Business
- 30% Mid-Market
GitHub features and usability ratings that predict user satisfaction
8.7
Test Automation
Average: 8.5
8.9
Has the product been a good partner in doing business?
Average: 9.1
8.8
Quality of Support
Average: 9.2
8.7
Black-Box Scanning
Average: 8.2
UC
GitHub makes it simple to manage code with Git, collaborate with teams, and contribute to open-source projects. I like its pull requests, issue... Read review
UC
Github is extremely user-friendly, making it simple to push code and host websites. For those unfamiliar with Git commands, it offers the... Read review
Seller Details
Twitter
@github2,591,866 Twitter followers
(858)4.5 out of 5
Optimized for quick response
9th Easiest To Use in Static Application Security Testing (SAST) software
View top Consulting Services for GitLab
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
GitLab is the most comprehensive AI-Powered DevSecOps platform that enables software innovation by empowering development, security, and operations teams to build better software, faster. With GitLab
Users
- Software Engineer
- Senior Software Engineer
Industries
- Computer Software
- Information Technology and Services
Market Segment
- 37% Small-Business
- 37% Mid-Market
GitLab features and usability ratings that predict user satisfaction
9.1
Test Automation
Average: 8.5
8.8
Has the product been a good partner in doing business?
Average: 9.1
8.5
Quality of Support
Average: 9.2
8.8
Black-Box Scanning
Average: 8.2
SR
What I appreciate most about GitLab, especially in the context of complying with ISO 27001 standards, is its comprehensive security features and... Read review
VP
Easy to build and deploy code, highly secure environment Read review
Seller Details
HQ Location
San Francisco, CaliforniaTwitter
@gitlab168,902 Twitter followers
(237)4.8 out of 5
2nd Easiest To Use in Static Application Security Testing (SAST) software
Entry Level Price:Free
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
GitGuardian is an end-to-end NHI security platform designed to help organizations strengthen their Non-Human Identity (NHI) security posture and address compliance standards and regulations. As attack
Users
- Software Engineer
- Student
Industries
- Computer Software
- Information Technology and Services
Market Segment
- 84% Small-Business
- 12% Mid-Market
GitGuardian features and usability ratings that predict user satisfaction
8.2
Test Automation
Average: 8.5
8.9
Has the product been a good partner in doing business?
Average: 9.1
9.2
Quality of Support
Average: 9.2
9.0
Black-Box Scanning
Average: 8.2
UC
Instant notification on (usually inadvertant) sharing of sensitive data. It is easy to use (i dont think you have to do anything except enable it). Read review
AL
Very helpful to keep your secret for being exposed and when it exposed you get alerts fast have integration for discord easily with webhooks and... Read review
Seller Details
Twitter
@GitGuardian6,080 Twitter followers
(100)4.6 out of 5
Optimized for quick response
1st Easiest To Use in Static Application Security Testing (SAST) software
Entry Level Price:Free
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
Aikido Security is the developer-first security platform that unifies code, cloud, protection, and attack testing in one suite of best-in-class products. Built by developers for developers, Aikido hel
Users
- CTO
- Founder
Industries
- Computer Software
- Information Technology and Services
Market Segment
- 76% Small-Business
- 21% Mid-Market
Aikido Security features and usability ratings that predict user satisfaction
8.1
Test Automation
Average: 8.5
9.4
Has the product been a good partner in doing business?
Average: 9.1
9.4
Quality of Support
Average: 9.2
8.2
Black-Box Scanning
Average: 8.2
DE
In the 9 months we have been using Aikido, we have been very impressed with the offering. They have a significant number of tools available (SAST,... Read review
WM
The ease of setup and the overall UX have an astoundingly low barrier to entry, but as an experienced SRE/infra engineer, I can still find my way... Read review
Seller Details
HQ Location
Ghent, BelgiumTwitter
@AikidoSecurity3,880 Twitter followers
(125)4.5 out of 5
10th Easiest To Use in Static Application Security Testing (SAST) software
Entry Level Price:Free
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
SonarQube helps developers continuously improve the quality and security of both AI-generated and human-written code. It addresses key areas including: - Code Quality: Ensuring all code meets high st
Users
- Software Engineer
- DevOps Engineer
Industries
- Information Technology and Services
- Computer Software
Market Segment
- 42% Enterprise
- 40% Mid-Market
SonarQube features and usability ratings that predict user satisfaction
6.0
Test Automation
Average: 8.5
8.4
Has the product been a good partner in doing business?
Average: 9.1
8.2
Quality of Support
Average: 9.2
6.8
Black-Box Scanning
Average: 8.2
AH
- We are using a self hosted SonarQube server - hosting and upgrading our instance is a relatively painless process. The online documentation is... Read review
MT
I use SonarQube mainly for analyzing C, C++ and Python programming languages, and that's why I need a SonarQube developer license. The $160 I spent... Read review
Seller Details
HQ Location
Geneva, SwitzerlandTwitter
@SonarSource10,887 Twitter followers
(76)4.1 out of 5
14th Easiest To Use in Static Application Security Testing (SAST) software
Entry Level Price:Free
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
HCL AppScan is a comprehensive suite of market-leading application security testing solutions (SAST, DAST, IAST, SCA, API), available on-premises and on-cloud. These powerful DevSecOps tools pinpoint
Users
No information available
Industries
- Information Technology and Services
- Computer & Network Security
Market Segment
- 54% Enterprise
- 28% Small-Business
HCL AppScan features and usability ratings that predict user satisfaction
8.4
Test Automation
Average: 8.5
8.8
Has the product been a good partner in doing business?
Average: 9.1
8.5
Quality of Support
Average: 9.2
8.3
Black-Box Scanning
Average: 8.2
BA
One of the best tools for app security. Easy to use and good documentation. Read review
AC
trustful assessment
easy to use
automatic scans Read review
Seller Details
Twitter
@hcltech426,575 Twitter followers
Ownership
NSE - National Stock Exchange of India
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
Mend.io offers the first AI native application security platform, empowering organizations to build and run a proactive AppSec program tuned for AI powered development. The unified platform secures AI
Users
- Software Engineer
Industries
- Computer Software
- Information Technology and Services
Market Segment
- 38% Small-Business
- 34% Mid-Market
Mend.io features and usability ratings that predict user satisfaction
7.2
Test Automation
Average: 8.5
8.8
Has the product been a good partner in doing business?
Average: 9.1
8.7
Quality of Support
Average: 9.2
8.3
Black-Box Scanning
Average: 8.2
VS
Interface and flow of the application.Also the simplicity Read review
MT
The best thing is the security and easy to use. The mend bot offers couple of qualities to protect your projects against several security protocols... Read review
Seller Details
Twitter
@Mend_io11,405 Twitter followers
(43)4.5 out of 5
12th Easiest To Use in Static Application Security Testing (SAST) software
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
Appknox is an on-demand mobile application security platform that helps businesses detect and fix security vulnerabilities using an Automated Security Testing suite. We have been successfully reducing
Users
No information available
Industries
- Information Technology and Services
- Financial Services
Market Segment
- 40% Small-Business
- 37% Mid-Market
Appknox features and usability ratings that predict user satisfaction
8.6
Test Automation
Average: 8.5
9.8
Has the product been a good partner in doing business?
Average: 9.1
9.2
Quality of Support
Average: 9.2
9.2
Black-Box Scanning
Average: 8.2
AH
Great customer service and responsive and communicative account manager and testing team Read review
IC
Easy to learn. Easy to use, especially within non-technical teams. Read review
Seller Details
Twitter
@appknox3,082 Twitter followers
(51)4.8 out of 5
7th Easiest To Use in Static Application Security Testing (SAST) software
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
OX is redefining product security for the AI era. Founded by Neatsun Ziv and Lion Arzi, former Check Point executives, OX is the company behind VibeSec — the first AI-native vibe security platform.
Users
- Security Engineer
Industries
- Financial Services
- Information Technology and Services
Market Segment
- 63% Mid-Market
- 25% Enterprise
OX Security features and usability ratings that predict user satisfaction
7.3
Test Automation
Average: 8.5
9.7
Has the product been a good partner in doing business?
Average: 9.1
9.6
Quality of Support
Average: 9.2
7.7
Black-Box Scanning
Average: 8.2
EA
As one of OX Security's first customers, I was searching for an effective solution to upscale Upstream Security's application security stack. I... Read review
UI
Best Free Solution for private users who want to check their repos. Read review
Seller Details
Seller
OX SecurityYear Founded
2021HQ Location
New York, USA
(54)4.6 out of 5
4th Easiest To Use in Static Application Security Testing (SAST) software
View top Consulting Services for Semgrep
Entry Level Price:Starting at $40.00
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
Semgrep is a modern static analysis (SAST), software composition analysis (SCA), and secrets detection platform designed for both developers and security teams. It combines fast, deterministic analysi
Users
No information available
Industries
- Information Technology and Services
- Computer Software
Market Segment
- 46% Enterprise
- 41% Mid-Market
Semgrep features and usability ratings that predict user satisfaction
9.2
Test Automation
Average: 8.5
9.6
Has the product been a good partner in doing business?
Average: 9.1
8.8
Quality of Support
Average: 9.2
7.5
Black-Box Scanning
Average: 8.2
AF
Easy to add custom rules (e.g. by using the online rule editor). Also, Semgrep App has some nice, convenient features (like private rule repository). Read review
AI
The Semgrep supply chain is a boon for application and product security teams. Backed by the already solid Semgrep engine, it can quickly surface... Read review
Seller Details
HQ Location
San Francisco, USTwitter
@semgrep4,105 Twitter followers
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
Checkmarx helps the world’s largest enterprises get ahead of application risk without slowing down development. More applications, faster pipelines, and growing threats are all contributing to skyrock
Users
No information available
Industries
- Information Technology and Services
- Computer Software
Market Segment
- 58% Enterprise
- 25% Mid-Market
Checkmarx features and usability ratings that predict user satisfaction
8.3
Test Automation
Average: 8.5
8.3
Has the product been a good partner in doing business?
Average: 9.1
8.3
Quality of Support
Average: 9.2
5.6
Black-Box Scanning
Average: 8.2
AR
Static analysis & Apex Overview of unpackaged code Read review
HB
Our choice of Checkmarx as a static code audit tool was done after a long reflection. the richness in terms of languages and the customization of... Read review
Seller Details
Twitter
@Checkmarx7,205 Twitter followers
(28)4.6 out of 5
13th Easiest To Use in Static Application Security Testing (SAST) software
Entry Level Price:Free
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
Codacy is the only DevSecOps platform that delivers plug-and-play code health and security scanning for AI and human generated code. Future-proof your software – from source code to runtime – without
Users
No information available
Industries
- Computer Software
Market Segment
- 61% Small-Business
- 21% Mid-Market
Codacy features and usability ratings that predict user satisfaction
0.0
No information available
9.1
Has the product been a good partner in doing business?
Average: 9.1
9.2
Quality of Support
Average: 9.2
0.0
No information available
MP
Codacy is fantastic! I absolutely love the UI/UX. The great amount of customizations around rules for code review. Great language support. Love the... Read review
UC
Codacy had great git and github integration for projects and even user accounts, simple and really easy to use web interface with no clutter and... Read review
Seller Details
Twitter
@codacy5,044 Twitter followers
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
CodeScan Shield addresses code quality, security, and compliance liabilities with two automated modules: CodeScan and OrgScan. CodeScan provides static code analysis for total visibility into code h
Users
No information available
Industries
- Information Technology and Services
- Computer Software
Market Segment
- 44% Enterprise
- 38% Mid-Market
CodeScan features and usability ratings that predict user satisfaction
7.3
Test Automation
Average: 8.5
9.2
Has the product been a good partner in doing business?
Average: 9.1
9.0
Quality of Support
Average: 9.2
8.3
Black-Box Scanning
Average: 8.2
CC
It finds the right bugs , it does the job well with less average cost.
With regular updates on new features makes it more adaptive and easy to use... Read review
MK
It's reducing potential bugs and other issues and make monitoring much easier, you should make your developers work with this tool and you catch... Read review
Seller Details
Twitter
@autorabit1,250 Twitter followers
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
Contrast Security is the global leader in Application Detection and Response (ADR), empowering organizations to see and stop attacks on applications and APIs in real time. Contrast embeds patented thr
Users
No information available
Industries
- Insurance
- Computer Software
Market Segment
- 67% Enterprise
- 20% Mid-Market
Contrast Security features and usability ratings that predict user satisfaction
8.3
Test Automation
Average: 8.5
9.0
Has the product been a good partner in doing business?
Average: 9.1
9.3
Quality of Support
Average: 9.2
9.0
Black-Box Scanning
Average: 8.2
EI
Contrast delivers easy and fast vulnerability data about our applications (IDE environments) that continues through production with the RASP... Read review
DK
It's free to some extent
Fast then most security scanners Read review
Seller Details
HQ Location
Pleasanton, CATwitter
@contrastsec5,540 Twitter followers
Entry Level Price:Starting at $150.00
- Overview
- User Satisfaction
- What G2 Users Think
- Seller Details
Product Description
How are these determined?
This description is provided by the seller.
JFrog Ltd. (Nasdaq: FROG) is on a mission to create a world of software delivered without friction from developer to device. Driven by a “Liquid Software” vision, the JFrog Software Supply Chain P
Users
- Software Engineer
- DevOps Engineer
Industries
- Information Technology and Services
- Computer Software
Market Segment
- 55% Enterprise
- 34% Mid-Market
JFrog features and usability ratings that predict user satisfaction
0.0
No information available
8.5
Has the product been a good partner in doing business?
Average: 9.1
8.4
Quality of Support
Average: 9.2
0.0
No information available
VS
Today supporting Docker and Helm for your Kubernetes deployments.
Use it as your Docker registry to easily manage and deploy your Docker... Read review
SS
Some benefits of using the JFrog platform include:
1. Efficient dependency management: Artifactory helps to reduce the time and effort required... Read review
Seller Details
HQ Location
Sunnyvale, CATwitter
@jfrog23,159 Twitter followers
Hunting for software insights?
With over 3 million reviews, we can provide the specific details that help you make an informed software buying decision for your business. Finding the right product is important, let us help.
