Top 12 Open-Source Alternatives to Veracode

Product categories

Clean Code Code Analysis Code Collaboration Code Coverage Code Quality Code Review Git Open Source Security Security & Privacy Vulnerability Scanner Web Application Security

Summary

The top open-source alternatives to Veracode are SonarQube, Snyk, and Rapid7. One of the criteria for ordering this list is the number of mentions that products have on reliable external sources. You can suggest additional sources through the form here.

SonarQube Landing Page
1

SonarQube

SonarQube, a core component of the Sonar solution, is an open source, self-managed tool that systematically helps developers and organizations deliver Clean Code.
Pricing:
- Open Source
- Freemium
- Free Trial
- $150.0 / Annually
#Code Analysis #Code Review #Code Coverage 1 social mentions
Snyk Landing Page
2

Snyk

Snyk helps you use open source and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and much more.
Pricing:
- Open Source
#Security #Security Monitoring #Security CI 85 social mentions
Rapid7 Landing Page
3

Rapid7

Find security issues, verify vulnerability mitigations & manage security assessments with Metasploit. Get the world's best penetration testing software now. DownloadPen testing software to act like an attacker.
Pricing:
- Open Source
#Security #Security & Privacy #Web Application Security 1 social mentions
GitHub Landing Page
4

GitHub

Originally founded as a project to simplify sharing code, GitHub has grown into an application used by over a million people to store over two million code repositories, making GitHub the largest code host in the world.
Pricing:
- Open Source
#Code Collaboration #Git #Version Control 2039 social mentions
StyleCop Landing Page
5

StyleCop

Analyzes C# source code to enforce a set of style and consistency rules. - StyleCop/StyleCop
Pricing:
- Open Source
#Code Analysis #Code Coverage #Code Review
SonarCloud Landing Page
6

SonarCloud

Enhance your workflow with continuous code quality, SonarCloud automatically analyzes and decorates pull requests on GitHub, Bitbucket, Azure DevOps and GitLab on major languages.
Pricing:
- Open Source
- Freemium
- Free Trial
- €10.0 / Monthly (100,000 Lines of Code)
#Developer Tools #DevOps Tools #SAST 12 social mentions
OWASP Dependency-Track Landing Page
7

OWASP Dependency-Track

OWASP Dependency-Track is an intelligent Software Composition Analysis (SCA) platform that allows...
Pricing:
- Open Source
#Security #Code Analysis #Security & Privacy 19 social mentions
Sqlmap Landing Page
8

Sqlmap

sqlmap is an open source penetration testing tool that automates the process of detecting and...
Pricing:
- Open Source
#Web Application Security #Security #Vulnerability Scanner 17 social mentions
CodeClimate Landing Page
9

CodeClimate

Code Climate provides automated code review for your apps, letting you fix quality and security issues before they hit production. We check every commit, branch and pull request for changes in quality and potential vulnerabilities.
Pricing:
- Open Source
#Code Coverage #Code Quality #Code Analysis 11 social mentions
Phabricator Landing Page
10

Phabricator

Phacility - Phabricator
Pricing:
- Open Source
#Code Collaboration #Project Management #Git 3 social mentions
Sentinel Landing Page
11

Sentinel

An framework agnostic authentication & authorization library for ≥PHP 5.4.
Pricing:
- Open Source
#Web Application Security #Security & Privacy #Code Collaboration 1 social mentions
FindBugs Landing Page
12

FindBugs

Findbugs is a tool that looks for bugs in Java code. Findbugs finds the bugs by analyzing computer software without actually executing programs. Using this software allows for easy debugging and repairing broken script. Read more about FindBugs.
Pricing:
- Open Source
#Code Coverage #Code Analysis #Code Quality 3 social mentions