Best Static Application Security Testing (SAST) Software - Page 3
Static application security testing (SAST) software inspects and analyzes an application’s code to discover security vulnerabilities without actually executing code. These tools are frequently used by companies with continuous delivery practices to identify flaws prior to deployment. SAST tools provide vulnerability information and remediation suggestions for development teams to resolve. There is relation and overlap between SAST tools and static code analysis software, but SAST products are more focused on security testing. Static code analysis products, on the other hand, combine a number of analytical practices, test management, and team collaboration features.
SAST vs DAST — Learn the difference
To qualify for inclusion in the Static Application Security Testing (SAST) category, a product must:
Featured Static Application Security Testing (SAST) Software At A Glance
G2 takes pride in showing unbiased reviews on user satisfaction in our ratings and reports. We do not allow paid placements in any of our ratings, rankings, or reports. Learn about our scoring methodologies.
A weekly snapshot of rising stars, new launches, and what everyone's buzzing about.
- Overview
- Pros and Cons
- User Satisfaction
- Seller Details
AttackFlow is a solution helps find security and quality weaknesses in software by analyzing the code.
- 45% Enterprise
- 45% Mid-Market
1,344 Twitter followers
- Overview
- Pros and Cons
- User Satisfaction
- Seller Details
Visual Expert is a static code analyzer for Oracle PL/SQL, SQL Server T-SQL and PowerBuilder. Identify code dependencies to modify your code without breaking your application. Leverage hundreds of fea
- Information Technology and Services
- 67% Mid-Market
- 17% Small-Business
614 Twitter followers
- Overview
- Pros and Cons
- User Satisfaction
- Seller Details
Vulnerability management tool on steroids 📈 Measure and control your application security state; 🔎 Scan your code, containers, web and mobile applications using ANY tool; 🔥 Remove duplicates, v
- 60% Mid-Market
- 20% Small-Business
- Overview
- User Satisfaction
- Seller Details
Parasoft Jtest is an integrated Java testing tool for Application Software Development. Develop high-quality code within an Agile workflow. Jtest’s comprehensive set of Java testing tools ensures high
- Computer Software
- 38% Enterprise
- 31% Mid-Market
2,605 Twitter followers
- Overview
- Pros and Cons
- User Satisfaction
- Seller Details
As former security researchers, we founded BugProve to deliver the level of security that IoT deserves! Experience peace of mind by leveraging our automated firmware analysis platform: Swift Results:
- Computer & Network Security
- 90% Small-Business
- 10% Enterprise
151 Twitter followers
- Overview
- User Satisfaction
- Seller Details
As a leading provider of static application security testing (SAST) solutions, CodeSecure helps software developers solve challenging issues throughout the software development life cycle (SDLC) to pr
- 38% Mid-Market
- 31% Enterprise
695 Twitter followers
- Overview
- User Satisfaction
- Seller Details
Open-source container vulnerability analysis service.
- 60% Enterprise
- 40% Small-Business
297,275 Twitter followers
- Overview
- Pros and Cons
- User Satisfaction
- Seller Details
Hubbl Diagnostics is setting the standard for Salesforce success through secure, automated, AI-driven org intelligence. - Monitor health and performance: Instantly gain a holistic view of your org
- Consulting
- Non-Profit Organization Management
- 56% Mid-Market
- 22% Enterprise
5 Twitter followers
- Overview
- Pros and Cons
- User Satisfaction
- Seller Details
AppSecure Security is a CREST-accredited offensive security company specializing in Red Teaming, Penetration Testing (Pentesting), and Vulnerability Assessment and Penetration Testing (VAPT). We deliv
- 63% Mid-Market
- 38% Small-Business
342 Twitter followers
- Overview
- Pros and Cons
- User Satisfaction
- Seller Details
Endor Labs helps you build and ship secure software fast, whether it's written by humans and AI. While conventional code scanning tools drown teams in false positives, Endor Labs zeroes in on real ris
- 71% Mid-Market
- 29% Enterprise
423 Twitter followers
- Overview
- User Satisfaction
- Seller Details
Spotter helps users create and maintain Ansible Playbooks with ease while ensuring they are always up-to-date and secure. With its comprehensive analytics and reporting capabilities, Spotter offers
- 67% Small-Business
- 17% Mid-Market
67 Twitter followers
- Overview
- Pros and Cons
- User Satisfaction
- Seller Details
Arnica simplifies and effectively automates source code security, while maintaining or improving development velocity. Arnica uses rich tooling integration, deep learning, and behavioral analytics to
- 60% Enterprise
- 20% Small-Business
123 Twitter followers
- Overview
- User Satisfaction
- Seller Details
CodePeer is an Ada source code analyzer that detects run-time and logic errors. It assesses potential bugs before program execution, serving as an automated peer reviewer, helping to find errors easil
- 100% Enterprise
2,013 Twitter followers
- Overview
- Pros and Cons
- User Satisfaction
- Seller Details
Qwiet AI delivers comprehensive application security by combining agentic AI with advanced code analysis. In a single scan, the platform provides uniquely accurate SAST, SCA, SBOM, secrets detection,
- 67% Enterprise
- 33% Small-Business
1,187 Twitter followers
- Overview
- Pros and Cons
- User Satisfaction
- Seller Details
CodeAnt AI reviews your code line by line, finds critical code quality issues and security vulnerabilities, explains their impact, and guides you on how to fix them. It’s SOC 2 and HIPAA compliant,
- 60% Small-Business
- 40% Mid-Market
