Klocwork is a static code analysis and SAST tool for C, C++, C#, Java, and JavaScript that identifies software security, quality, and reliability issues to help enforce standards compliance.
Built for enterprise DevOps and DevSecOps, Klocwork scales to projects of any size, integrates with large complex environments, a wide range of developer tools, and provides control, collaboration, and reporting for the entire enterprise. This has made Klocwork the preferred static analyzer that keeps development velocity high while enforcing continuous compliance for security and quality.
SonarQube - SonarQube, a core component of the Sonar solution, is an open source, self-managed tool that systematically helps developers and organizations deliver Clean Code.
Qualys - Qualys helps your business automate the full spectrum of auditing, compliance and protection of your IT systems and web applications.
Coverity Scan - Find and fix defects in your Java, C/C++ or C# open source project for free
Burp Suite - Burp Suite is an integrated platform for performing security testing of web applications.
Embold.io - Peer Code Review
OpenVAS - The Open Vulnerability Assessment System (OpenVAS) is a framework of several services and tools...