Alternatives to Splint
Compare Splint alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to Splint in 2026. Compare features, ratings, user reviews, pricing, and more from Splint competitors and alternatives in order to make an informed decision for your business.
-
1
ZeroPath
ZeroPath
ZeroPath (YC S24) is an AI-native application security platform that delivers comprehensive code protection beyond traditional SAST. Founded by security engineers from Tesla and Google, ZeroPath combines large language models with advanced program analysis to find and automatically fix vulnerabilities. ZeroPath provides complete security coverage: 1. AI-powered SAST for business logic flaws & broken authentication 2. SCA with reachability analysis 3. Secrets detection and validation 4. Infrastructure as Code 5. Automated patch generation. any more... ZeroPath delivers 2x more real vulnerabilities with 75% fewer false positives. Our research team has been successful in finding vulns like critical account takeover in better-auth (CVE-2025-61928, 300k+ weekly downloads), identifying 170+ verified bugs in curl, and discovering 0-days in production systems at Netflix, Hulu, and Salesforce. Trusted by 750+ companies and performing 200k+ code scans monthly. -
2
TrustInSoft Analyzer
TrustInSoft
TrustInSoft Analyzer is a C/C++/Rust source code analyzer powered by formal methods, mathematical & logical reasonings that allow for exhaustive analysis of source code. This analysis can be run without false positives or false negatives, so that every real bug in the code is found. Developers receive several benefits: a user-friendly graphical interface that directs developers to the root cause of bugs, and instant utility to expand the coverage of their existing tests. Unlike traditional source code analysis tools, TrustInSoft’s solution is not only the most comprehensive approach on the market but is also progressive, instantly deployable by developers, even if they lack experience with formal methods, from exhaustive analysis up to a functional proof that the software developed meets specifications. Companies who use TrustInSoft Analyzer reduce their verification costs by 4, efforts in bug detection by 40, and obtain an irrefutable proof that their software is safe and secure. -
3
BrewPOS
BrewPOS
BrewPOS is a Windows IOT solution for restaurants designed to intuitively manage the daily functions for your restaurant. BrewPOS is a predominantly wired solution that runs with out a server. System arrives fully programmed. Management features include Payroll, EMV Chip Tabs, Employee activity tracking, Pre Authorized Credit Cards, Inventory management, Live real person training, Extensive reporting, Automated discounting, Trade accounts, Gift cards, Tickets splinting, Customer head counts, Table management, Customer records, Void Comp Discount Waste Override and Theft tracking system. Extensive Emp permissions. -
4
Kiuwan Code Security
Kiuwan
Kiuwan is an end-to-end application security platform that integrates seamlessly into your development process. Our toolset includes Static Application Security Testing (SAST), Software Composition Analysis (SCA), Software Governance and Code Quality, empowering your team to quickly identify and remediate vulnerabilities. Integrating into your CI/CD pipeline, Kiuwan enables early detection and remediation of security issues. Kiuwan supports strict compliance with industry standards including OWASP, CWE, MISRA, NIST, PCI DSS, and CERT, among others. ✅ Large language support: 30+ programming languages. ✅ Detailed action plans: Prioritize remediation with tailored action plans. ✅ Code Security: Seamless Static Application Security Testing (SAST) integration. ✅ Insights: On-demand or continuous scanning Software Composition Analysis (SCA) to help reduce third-party threats. ✅ One-click Software Bill of Materials (SBOM) generation Code Smarter. Secure Faster. Ship Sooner. -
5
Snyk
Snyk
Snyk is the leader in developer security. We empower the world’s developers to build secure applications and equip security teams to meet the demands of the digital world. Our developer-first approach ensures organizations can secure all of the critical components of their applications from code to cloud, leading to increased developer productivity, revenue growth, customer satisfaction, cost savings and an overall improved security posture. Snyk’s Developer Security Platform automatically integrates with a developer’s workflow and is purpose-built for security teams to collaborate with their development teams. Snyk is used by 1,200 customers worldwide today, including industry leaders such as Asurion, Google, Intuit, MongoDB, New Relic, Revolut and Salesforce. Snyk is recognized on the Forbes Cloud 100 2021, the 2021 CNBC Disruptor 50 and was named a Visionary in the 2021 Gartner Magic Quadrant for AST.Starting Price: $0 -
6
SonarQube Cloud
SonarSource
Maximize your throughput and only release clean code SonarQube Cloud (formerly SonarCloud) automatically analyzes branches and decorates pull requests. Catch tricky bugs to prevent undefined behavior from impacting end-users. Fix vulnerabilities that compromise your app, and learn AppSec along the way with Security Hotspots. With just a few clicks you're up and running right where your code lives. Immediate access to the latest features and enhancements. Project dashboards keep teams and stakeholders informed on code quality and releasability. Display project badges and show your communities you're all about awesome. Code Quality and Code Security is a concern for your entire stack, from front-end to back-end. That’s why we cover 24 languages including Python, Java, C++, and many others. Transparency makes sense and that's why the trend is growing. Come join the fun, it's entirely free for open-source projects! -
7
david3
Tobit Software
Information exchange with employees, customers, partners and suppliers, organize tasks and projects and bring teams together – you can do that by using many different programs. Or david3! Everything is in there in a single software package. david3 makes companies fast! In the InfoCenter, all information from different sources converges. eMail, Fax, VoiceMail, E-Mail - everything there. Chat and LiveComments make the exchange quick. Shared inbox folders, calendars, and more: with david3, employees become teams. Projects, tasks and appointments can be easily coordinated at the touch of a button. Don't be afraid of viruses, spam, phishing or fake emails: david3 keeps the store clean. Whether in the office, in the home office or somewhere in nowhere: david3 is hypermobile. No media breaks, no compatibility issues. At david3, everything is just one piece. david3 is based on a purebred client/server architecture.Starting Price: €295 -
8
MB&G MobileMap
Mason Bruce & Girard
Demanding work environments require the best technology solutions. MobileMap, was solely developed by natural resource consulting firm Mason, Bruce & Girard, Inc. (MB&G). MB&G provides innovative products and applications that are highly reliable, even in the field’s toughest conditions. All of our technology solutions are driven from our clients’ needs. MB&G was founded in 1921 by David Mason, an early and vocal advocate for sustained yield forestry. He brought that passion to a wide variety of projects. Today, MB&G has three lines of business: forestry, environmental, and geospatial services. We are headquartered in Portland, Oregon, and have offices in California, Virginia, and Colorado. MB&G employees provide forestry, environmental, geospatial, and application development expertise to help solve some of the most complex natural resource management challenges.Starting Price: $300.00/year/user -
9
Splint Invest
Splint Invest
Get access to attractive alternative investments hand-picked by certified experts. Alternative investments have a lower correlation to economic downturns. Get strong performance, especially during difficult market conditions. Our certified experts carefully evaluate every investment to ensure only the best opportunities for you. Splint Invest is your one-stop shop for investing in and trading a large variety of alternative investments. The investments offered on Splint Invest are hand-picked by trusted and verified experts. We offer a comprehensive solution for making informed investment decisions, with all relevant information, and assets, and without any hidden or ongoing fees. We evaluate the investments every month and organize the sale of the asset at the end of the predefined investment horizon together with our verified experts. Create an account and invest in alternative assets, all in less than 2 minutes, everything else is just as simple.Starting Price: Free -
10
david.net
2R Software GmbH
david.net is a tailor made software for your waste management. And is a complete digital solution for all waste related processes in your company. This is david.net – in a nutshell: ERP software for extensive digitization For the highest demands Modular and individually tailored to your needs Made for waste management, recycling and scrap trade Developed on the basis of 20 years of industry experience You are looking for a tailor made software which will improve and digitalize your processes? Or would you like to start with the digitization of a sub-area and, for example, automate the scheduling with tour planning and driving orders including eANV? Whatever your individual challenge, we at 2R Software want you to rely on a software solution that suits you and optimizes your business processes properly. With our 20 years as software partner in waste management, we know the challenges of the industry and offer the perfect software solution, -
11
Oscar
Oscar McMaster
OSCAR was created by Dr. David Chan and McMaster University’s Department of Family Medicine. It has evolved with McMaster’s leadership and vital contributions from its dedicated open-source community to be one of the top EMRs in Canada. Our shared vision is to enable continuous improvement in health outcomes and services, which includes making the experience and results in the best they can be for the providers and recipients of care. We do this through leading-edge research, development and knowledge sharing among a vibrant community of engaged clinicians in collaboration with skilled developers and experts in technology systems and security. This network of clinicians includes McMaster, Queens, McGill, the University of British Columbia and thousands of physicians across diverse practice settings. Offering OSCAR as a progressive, cost-effective EMR is key to realizing our vision. OSCAR is the clinician’s integrated hub within an ever-expanding and dynamic digital health ecosystem. -
12
ToDoListQ
ToDoListQ
Anyone can sign-up for a free ToDoListQ account and start their online "Getting Things Done" experience. Our free accounts have no limitations on the number of actions you can create. Extra features such as additional projects, sharing, file attachments, and ssl secure data transmission, are included with our Basic and Premium versions for only $5 and $10 per month respectively. Obviously we are big fans of David Allen's "Getting Thing's Done" methodology. In an effort to bring GTD software online, we created ToDoListQ. It implements every step of David Allen's "Getting Things Done" methodology so you don't have to keep track of it yourself. No more painstaking updates of documents, spreadsheets, or paper to-do-lists. With ToDoListQ, your lists are online, in GTD format, and ready to be accessed or updated from anywhere.Starting Price: $5 per month -
13
Sandboxie
Sandboxie
Sandboxie is a sandbox-based isolation software for 32- and 64-bit Windows NT-based operating systems. It is being developed by David Xanatos since it became open source, before that it was developed by Sophos (which acquired it from Invincea, which acquired it earlier from the original author Ronen Tzur). It creates a sandbox-like isolated operating environment in which applications can be run or installed without permanently modifying the local or mapped drive. An isolated virtual environment allows controlled testing of untrusted programs and web surfing. Since the Open Sourcing sandboxie is being released in two flavors the classical build with a MFC based UI and as plus build that incorporates new features and an entirely new Q’t based UI. All newly added features target the plus branch but often can be utilized in the classical edition by manually editing the sandboxie.ini file. -
14
FacileThings
FacileThings
The Ultimate Solution to Get Things Done. Get Organized Effectively. Without Stress. FacileThings is a personal management system designed to help you better organize your life and your work. This system is based on the GTD methodology presented by David Allen in his book "Getting Things Done: The Art of Stress-Free Productivity" in 2001. Based on very simple principles and many years of experience, this methodology has become a worldwide reference on personal productivity.Starting Price: $7/mo -
15
The NTT Application Security Platform provides all of the services required to secure the entire software development lifecycle. From solutions for the security team, to fast and accurate products for developers in DevOps environments, we help organizations enjoy all of the benefits of digital transformation without the security headaches. Get smart about application security. With the best in-class application security technology, our always-on assessments are constantly detecting attack vectors and scanning your application code. NTT Sentinel Dynamic accurately identifies and verifies vulnerabilities in your websites and web applications. NTT Sentinel Source and NTT Scout scan your entire source code, identify vulnerabilities, and provide detailed vulnerability descriptions and remediation advice.
-
16
SoundMorph
SoundMorph
The ultimate SoundMorph collection. All current products and all future releases for a year. The SoundMorph Universe Bundle is the go-to collection for many professionals working in game audio, film, television, and music. Head to the Universe page to read what some of the professionals like David Farmer from Skywalker Sound has to say about our products. SoundMorph is a leading creator of state-of-the-art sound libraries and software, with a focus on computer-based audio production for sound designers and musicians. Founded in 2013 with headquarters in Montreal, Canada, SoundMorph was conceived on the idea of creating audio products that embrace the evolution of sound. We believe, like any medium, sound evolves with time, and therefore new sounds are needed for new times. We strive to create products that push the boundaries of audio production to open up new horizons, while still striking a perfect balance between usability and design.Starting Price: $299 one-time payment -
17
Call Forwarding
DHC Apps
If your battery is flat and you want to forward your calls to your office or car, download Call Forwarding app for free, and start forwarding your calls, it's that easy! Call Forwarding is an easy and simple application to use. Simply add numbers to the app and when you want to forward your calls just select the number from the list. To cancel click again on the selected number or use the detected button for canceling the call forwarding. This service is provided by David Cohhen at no cost and is intended for use as is.Starting Price: $27 per feature -
18
PT Application Inspector
Positive Technologies
PT Application Inspector is the only source code analyzer providing high-quality analysis and convenient tools to automatically confirm vulnerabilities — significantly speeding up the work with reports and simplifying teamwork between security specialists and developers. The combination of static, dynamic, and interactive application security testing (SAST + DAST + IAST) delivers unparalleled results. PT Application Inspector pinpoints only real vulnerabilities so you can focus on the problems that actually matter. Accurate detection, automatic vulnerability verification, filtering, incremental scanning, and an interactive data flow diagram (DFD) for each vulnerability are special features that make remediation so much quicker. Minimize vulnerabilities in the final product and the costs of fixing them. Perform analysis at the earliest stages of software development. -
19
Qwiet AI
Qwiet AI
The Fastest Code Analysis, Hands Down. 40X faster scan times so developers never have to wait for results after submitting pull requests. The Most Accurate Results. Qwiet AI has the highest OWASP Benchmark score, which is nearly triple the commercial average and more than double the 2nd highest score. Developer-Centric Security Workflows. 96% of developers report that disconnected security and development workflows inhibit their productivity. Implementing developer-centric AppSec workflows decreases mean-time-to-remediation (MTTR), typically by 5X - enhancing both security and developer productivity. Automatically Find Business Logic Flaws in Dev. Identify vulnerabilities that are unique to your code base before they reach production. Achieve Compliance. Demonstrate and maintain compliance with security and privacy regulations such as SOC 2, PCI-DSS, GDPR, and CCPA.Starting Price: Free -
20
Coverity Static Analysis
Black Duck
Coverity Static Analysis is a comprehensive code scanning solution that enables developers and security teams to deliver high-quality software in compliance with security, functional safety, and industry standards. It effectively uncovers complex defects across extensive codebases, identifying and resolving code quality and security issues that span multiple files and libraries. Coverity supports compliance with a wide range of standards, including OWASP Top 10, CWE Top 25, MISRA, and CERT C/C++/Java, providing built-in reports to track and prioritize issues. With the Code Sight™ IDE plugin, developers receive real-time results, including CWE information and remediation guidance, directly within their development environment, facilitating the integration of security into the software development life cycle without compromising developer velocity. -
21
Klocwork
Perforce
Klocwork static code analysis and SAST tool for C, C++, C#, Java, and JavaScript identifies software security, quality, and reliability issues helping to enforce compliance with standards. Built for enterprise DevOps and DevSecOps, Klocwork scales to projects of any size, integrates with large complex environments, a wide range of developer tools, and provides control, collaboration, and reporting for the entire enterprise. This has made Klocwork the preferred static analyzer that keeps development velocity high while enforcing continuous compliance for security and quality. Use Klocwork static application security testing (SAST) for DevOps (DevSecOps). Our security standards identify security vulnerabilities, helping to find and fix security issues early and proving compliance to internationally recognized security standards. Klocwork integrates with CI/CD tools, containers, cloud services, and machine provisioning making automated security testing easy. -
22
Brakeman
Brakeman
Brakeman is a security scanner for Ruby on Rails applications. Unlike many web security scanners, Brakeman looks at the source code of your application. This means you do not need to set up your whole application stack to use it. Once Brakeman scans the application code, it produces a report of all security issues it has found. Brakeman requires zero setup or configuration once it is installed. Just run it. Because all Brakeman needs is source code, Brakeman can be run at any stage of development: you can generate a new application with rails new and immediately check it with Brakeman. Since Brakeman does not rely on spidering sites to determine all their pages, it can provide more complete coverage of an application. This includes pages which may not be ‘live’ yet. In theory, Brakeman can find security vulnerabilities before they become exploitable. Brakeman is specifically built for Ruby on Rails applications, so it can easily check configuration settings for best practices. -
23
PIX
X2X
PIX has worked closely with David Fincher and his No. 13 production company since Panic Room in 2001, developing tools and services that have fundamentally changed how feature films and television shows are made. One of the first directors to embrace digital cameras with his use of the Thomson Viper on Zodiac, Fincher and his team are constantly redefining technology as they seek to blur the line between production and post production and strive to automate the mundane and more clearly communicate their creative vision. On Netflix’s Mindhunter, Fincher again used the latest digital capture technology – custom RED Xenomorph cameras designed to his specifications, integrating all the usual camera components (wireless video transmitters, focus controls etc.) into the camera for a much more ergonomic design. But Fincher’s desire for innovation extended far beyond the camera, so he again turned to PIX. -
24
OpenText Static Application Security Testing (SAST) identifies and remediates security vulnerabilities in source code early in the software development lifecycle. It supports extensive language coverage and integrates seamlessly with popular CI/CD tools such as Jenkins, Azure DevOps, Jira, and Visual Studio. The platform uses advanced static code analysis and AI-driven insights to prioritize risks and reduce false positives, enabling developers to focus on fixing critical vulnerabilities efficiently. With its customizable code analysis and rule sets, it helps reduce development time by catching issues early. OpenText SAST complies with industry standards like OWASP and offers flexible deployment options including SaaS, private cloud, and on-premises. This comprehensive approach enhances application security without sacrificing development speed or accuracy.
-
25
Org Mode
Org Mode
Org is implemented on top of Outline mode, which makes it possible to keep the content of large files well structured. Visibility cycling and structure editing help to work with the tree. Tables are easily created with a built-in table editor. Plain text URL-like links connect to websites, emails, Usenet messages, BBDB entries, and any files related to the projects. Org develops organizational tasks around notes files that contain lists or information about projects as plain text. Project planning and task management make use of metadata which is part of an outline node. Based on this data, specific entries can be extracted in queries and create dynamic agenda views that also integrate the Emacs calendar and diary. Org can be used to implement many different project planning schemes, such as David Allen’s GTD system. Org files can serve as a single source authoring system with export to many different formats such as HTML, LaTeX, Open Document, and Markdown. -
26
Jtest
Parasoft
Meet Agile development cycles while maintaining high-quality code. Use Jtest’s comprehensive set of Java testing tools to ensure defect-free coding through every stage of software development in the Java environment. Streamline Compliance With Security Standards. Ensure your Java code complies with industry security standards. Have compliance verification documentation automatically generated. Release Quality Software, Faster. Integrate Java testing tools to find defects faster and earlier. Save time and money by mitigating complicated and expensive problems down the line. Increase Your Return From Unit Testing. Achieve code coverage targets by creating a maintainable and optimized suite of JUnit tests. Get faster feedback from CI and within your IDE using smart test execution. Parasoft Jtest integrates tightly into your development ecosystem and CI/CD pipeline for real-time, intelligent feedback on your testing and compliance progress. -
27
CodePeer
AdaCore
The Most Comprehensive Static Analysis Toolsuite for Ada. CodePeer helps developers gain a deep understanding of their code and build more reliable and secure software systems. CodePeer is an Ada source code analyzer that detects run-time and logic errors. It assesses potential bugs before program execution, serving as an automated peer reviewer, helping to find errors easily at any stage of the development life-cycle. CodePeer helps you improve the quality of your code and makes it easier for you to perform safety and/or security analysis. CodePeer is a stand-alone tool that runs on Windows and Linux platforms and may be used with any standard Ada compiler or fully integrated into the GNAT Pro development environment. It can detect several of the “Top 25 Most Dangerous Software Errors” in the Common Weakness Enumeration. CodePeer supports all versions of Ada (83, 95, 2005, 2012). CodePeer has been qualified as a Verification Tool under the DO-178B and EN 50128 software standards. -
28
SonarQube Server
SonarSource
SonarQube Server is a self-managed solution for continuous code quality inspection that helps development teams identify and fix bugs, vulnerabilities, and code smells in real-time. It provides automated static code analysis for a variety of programming languages, ensuring the highest quality and security standards are maintained throughout the development lifecycle. SonarQube Server integrates seamlessly with existing CI/CD pipelines, offering flexibility for on-premise or cloud-based deployment. With advanced reporting features, it helps teams manage technical debt, track improvements, and enforce coding standards. SonarQube Server is ideal for organizations seeking full control over their code quality and security without compromising on performance. -
29
Checkmarx
Checkmarx
The Checkmarx Software Security Platform provides a centralized foundation for operating your suite of software security solutions for Static Application Security Testing (SAST), Interactive Application Security Testing (IAST), Software Composition Analysis (SCA), and application security training and skills development. Built to address every organization’s needs, the Checkmarx Software Security Platform provides the full scope of options: including private cloud and on-premises solutions. Allowing a range of implementation options ensures customers can start securing their code immediately, rather than going through long processes of adapting their infrastructure to a single implementation method. The Checkmarx Software Security Platform transforms the standard for secure application development, providing one powerful resource with industry-leading capabilities. -
30
Axivion Static Code Analysis
Qt Group
Axivion helps development teams deliver safer, cleaner, and more maintainable C, C++, and CUDA code by automatically detecting coding standard violations, security vulnerabilities, dead code, and code clones. It provides actionable recommendations and detailed analytics, helping teams track, resolve, and prevent defects early in the development process. Axivion also supports architecture verification, enabling teams to maintain modular and scalable codebases. Designed for safety-critical industries like automotive, aerospace, medical devices, and industrial automation, Axivion supports functional safety standards including MISRA, ISO 26262, and IEC 61508. By combining static code analysis with architecture verification, it helps teams maintain long-term code health, accelerate certification readiness, and deliver high-performance software while reducing technical debt and ensuring compliance. -
31
GuardRails
GuardRails
Empowering modern development teams to find, fix and prevent vulnerabilities related to source code, open source libraries, secret management and cloud configuration. Empowering modern development teams to find, fix, and prevent security vulnerabilities in their applications. Continuous security scanning reduces cycle times and speeds up the shipping of features. Our expert system reduces the amount of false alerts and only informs about relevant security issues. Consistent security scanning across the entire product portfolio results in more secure software. GuardRails provides a completely frictionless integration with modern Version Control Systems like Github and GitLab. GuardRails seamlessly selects the right security engines to run based on the languages in a repository. Every single rule is curated to decide whether it has a high security impact issue resulting in less noise. Has built an expert system that detects false positives that is continuously tuned to be more accurate.Starting Price: $35 per user per month -
32
CodeSonar
CodeSecure
CodeSonar employs a unified dataflow and symbolic execution analysis that examines the computation of the complete application. By not relying on pattern matching or similar approximations, CodeSonar's static analysis engine is extraordinarily deep, finding 3-5 times more defects on average than other static analysis tools. Unlike many software development tools, such as testing tools, compilers, configuration management, etc., SAST tools can be integrated into a team's development process at any time with ease. SAST technologies like CodeSonar simply attach to your existing build environments to add analysis information to your verification process. Like a compiler, CodeSonar does a build of your code using your existing build environment, but instead of creating object code, CodeSonar creates an abstract model of your entire program. From the derived model, CodeSonar’s symbolic execution engine explores program paths, reasoning about program variables and how they relate. -
33
codebeat
codequest
Set up codebeat to track every quality change in one of your Github, Bitbucket, GitLab or self-hosted repositories. We'll get you up and running in seconds. codebeat provides automated code review and supports many programming languages. It will help you prioritize issues and identify quick wins in your web and mobile applications. codebeat offers a great team-management tool for companies and open source contributors. Assign access levels and move people between projects within seconds. Perfect for both small and large troupe.Starting Price: $20 per user per month -
34
Sparrow SAST
Sparrow
Support over 20 languages including Java, JSP, C/C++, C#, Python, Swift, ASP(.NET), ABAP, Object C, etc. Complies with global security compliances guides and standards. MVC structure analysis, associated file analysis, and analysis of function call relationship in various levels. Incremental analysis: Minimize analysis time by only analyzing newly added, modified files and their associated files. Interact with other Sparrow AST solutions (DAST, RASP) to identify correlation among vulnerabilities and improve search results. Issue navigator to track and follow vulnerabilities from its origin to actual code. Automated real source code correction guide. Automated classification of vulnerabilities. Dashboard for analysis result management and statistics. Centralized rule (Checker) management based on information including risk levels, option and other. -
35
beSOURCE
Beyond Security (Fortra)
Integrate security into SDLC via potent code analysis. Security must be an integral part of software development. Historically it hasn’t been. Static application security testing (SAST) used to be divorced from Code quality reviews, resulting in limited impact and value. beSOURCE addresses the code security quality of applications and thus integrates SecOps into DevOps. Other SAST offerings look at security as an isolated function. Beyond Security has turned this model upside-down by assuming the SecOps’ perspective in addressing security from all possible angles. Security Standards. beSOURCE adheres to all pertinent standards, guiding static code analysis engine in providing an actionable reference point. -
36
bugScout
bugScout
Platform for detecting security vulnerabilities and analyzing code quality of applications. bugScout was born in 2010, with the objective of promoting global application security through audit and DevOps processes. Our purpose is to promote a culture of safe development and thus provide protection for your company’s information, assets and reputation. Designed by ethical hackers and reputable security auditors, bugScout® follows international security rules and standards and is at the forefront of cybercrime techniques to keep our customers’ applications safe and secure. We combine security with quality, offering the lowest false positive rate on the market and the fastest analysis. Lightest platform on the market, 100% integrated with SonarQube. A platform that unites SAST and IAST, promoting the most complete and versatile source code audit on the market for the detection of Application Security Vulnerabilities. -
37
Puma Scan
Puma Security
The Puma Scan Professional End User Edition allows developers to run Puma Scan with a Visual Studio extension. This edition includes enhanced features, fewer false positives and support options. The End User license is valid for one year and renewed annually. The Server Edition allows command line scanning and integration with your build server without the overhead of Visual Studio. Each Server license may be used on up to 5 build agents in a single organization. Build Agent Bundles can be purchased in groups of 5. The Azure DevOps Extension adds a Puma Scan build task to your Azure DevOps pipelines. Azure DevOps Standard licenses allow scanning in up to 20 build pipelines. Azure DevOps Unlimited licenses allow unlimited scanning within a single organization.Starting Price: $299 per year -
38
Snappytick
Snappycode Audit
Snappy Tick Source Edition (SAST) is a source code review tool, it helps to identify the Vulnerability in Source code. We provide - Static Code Analysis tools and Source Code Review tools. Consider an In-line auditing approaches will identify the largest amount of most significant Security issues in your application and it will verify that the proper security controls exist. Snappy Tick Standard Edition (DAST) is Dynamic application security tool, it helps to perform black box and grey box testing. Analyze the requests and responses and find potential vulnerabilities inside an application by trying to access them in variety of ways, while the applications are running. Built with amazing features developed specifically for SnappyTick. Capable of scanning multiple languages. Best reporting that highlights the precise source files, line numbers, and even subsections of lines that are affected.Starting Price: $549 per month -
39
YAG-Suite
YAGAAN
The YAG-Suite is a French made innovative tool which brings SAST one step beyond. Based on static analysis and machine learning, YAGAAN offers customers more than a source code scanner : it offers a smart suite of tools to support application security audits as well as security and privacy by design DevSecOps processes. Beyond classic vulnerability detection, the YAG-Suite focuses the team attention on the problems that really matter in their business context, it supports developers in their understanding of the vulnerability causes and impacts. Its contextual remediation support them in fixing efficiently the problems while improving their secure coding skills. Additionally, YAG-Suite's unprecedented 'code mining' support security investigations of an unknown application with mapping all relevant code features and security mechanisms and offers querying capabilities to search for 0-days or non automatically detectable risks. PHP, Java and Python are supported. JS, C/C++ coming soonStarting Price: From €500/token or €150/mo -
40
The Tussman Program
Tussman Programs
Tussman Programs was founded in 1985 by California attorney David Tussman. He designed and wrote the Tussman Program to make the process of legal billing and accounting easier for his own practice, then decided to offer it to other attorneys. Since then, we have continuously refined and improved the Program to meet the needs of our customers. We challenge you to find any product, regardless of price, that offers a greater combination of features, flexibility, ease of use and dependability. To find out for yourself, take advantage of our free trial offer, or contact Rich Zerga, our sales manager. Our legal billing software includes all the functions you need to maintain lists of clients, matters, contacts, and persons related to each matter. You can perform conflict checks, generate client and matter reports and labels, keep unlimited free form notes for each client or matter, and email a client with the click of a mouse.Starting Price: $595.00/one-time -
41
Enterprise StrategyWare
Arrowpoint Technologies
EnterpriseStrategyWare (ESWare) - Balanced Scorecard Product is an innovative approach of aligning business activities to the strategy and scrutinizing the performance of strategic goals, over a period of time empirically. Balanced Scorecard is conceptualized by Harvard Business School faculty David Norton and Robert Kaplan, our product EnterpriseStrategyWare translates mission and strategy into objectives and measures that are monitored from four different perspectives, financial, customer, internal business processes and learning & growth. Sarbanes Oxley Act requires company's annual reports to contain an internal control report, stating the responsibilities of the company to maintain adequate internal controls for financial reporting and assessment of controls. ESWare enables the Corporate to monitor the internal business processes, thereby ensuring adequate controls over the functioning and financial aspects of the company. -
42
CodePatrol
Claranet
Automated code reviews driven by security. CodePatrol performs powerful SAST scans on your project source code and identifies security flaws early. Powered by Claranet and Checkmarx. CodePatrol provides support for a wide variety of languages and scans your code with multiple SAST engines for better results. Stay up-to-date with the latest code flaws in your project using automated alerting and user-defined filter rules. CodePatrol uses industry-leading SAST software provided by Checkmarx and expertise from Claranet Cyber Security to identify the latest threat vectors. Multiple code scanning engines are frequently triggered on your code base and perform in-depth analysis on your project. You may access CodePatrol anytime and retrieve the aggregated scan results in order to fix your project security flaws. -
43
eStar eCommerce
eStar
Focus on client success. eStar works directly with some of Australasia’s best retailers to consistently drive better than market growth. Our mission is to build and deliver the world's best commerce solutions powering client success. Brand experience delivered together. Previous Solutions. The digital store can influence more than half of in-store sales. Retailers require a compelling omnichannel experience backed by an eCommerce platform that complements and enables the physical store network. Services. eStar has an excellent track record of very successful implementations. Our people, approach and services make this possible and are a key reason why clients stay with eStar. Why eStar eStar is recognised as a proven enterprise level eCommerce platform with clients like David Jones, Country Road Group, Briscoe Group, Air New Zealand, Bed Bath & Beyond, Stirling Sports and many more. Platform eStar delivers and develops a feature-rich, enterprise class eCommerce platform -
44
BlueTie
BlueTie
BlueTie is your all-in-one resource for reliable cloud-based software and services. Keep your business up and running, from anywhere. Select from an array of affordable options that can grow with you—all backed by an experienced industry leader. Since 1999, BlueTie has provided companies worldwide with virtual IT services focused on communication and security. BlueTie revolutionized the Software as a Service industry by introducing the first hosted suite of business email and collaboration applications. Founded in 1999 by serial entrepreneur David Koretz and Paychex founder and Chairman Tom Golisano, BlueTie grew to become a leading provider of fast, reliable technology services for businesses. Today, BlueTie continues to deliver scalable email and calendar solutions for Internet Service Providers and businesses of all sizes, supporting millions of users worldwide.Starting Price: $19.99 per month -
45
SoundOracle.net
SoundOracle.net
Best known as a producer and chief sound designer for multi-platinum producer Timbaland, Sound Oracle's work has appeared on productions for the likes of Beyoncé, Jay-Z, Justin Timberlake, Chris Brown and Christina Aguilera. One would define an Oracle as “a supplier of wisdom and insightful counsel”. However, when coupled with a personal quest to inspire the aspiring by adopting a system of authentic storytelling and originality there then lays the outline of the very existence of who the SoundOracle is. Successfully mastering the skill to produce music was a dream sketched in the youthful imagination of Virginia native, SoundOracle. Yet, despite the shortage of music mentors and influencers within the DMV area, the producer and sound designer went on to prove that bringing reality to childhood aspirations is as simple as setting small challenges to test the confines of one’s own ability to overcome them. -
46
Hubbl Diagnostics
Hubbl Diagnostics
Hubbl Diagnostics provides Salesforce admins, architects, and consultants with the broadest and most actionable insights into any Salesforce org. Transform your Salesforce operations, streamline processes, optimize efficiency, and achieve unparalleled success. Our mission is clear: to help organizations tackle technical debt, eliminate redundant automation, and navigate the ever-expanding complexity of their Salesforce orgs. By doing so, we enable businesses to maximize their return on investment in Salesforce, achieving results faster than ever before. What sets Hubbl Diagnostics apart is our proprietary metadata aggregation, which not only delivers invaluable insights but also equips the Salesforce ecosystem with benchmark data. With this data, users can easily measure and compare their org complexity against others in their industry, gaining a competitive edge.Starting Price: $79/mo -
47
Veracode
Veracode
Veracode offers a holistic, scalable way to manage security risk across your entire application portfolio. We are the only solution that can provide visibility into application status across all testing types, including SAST, DAST, SCA, and manual penetration testing, in one centralized view. -
48
The Code Registry
The Code Registry
The Code Registry is an AI-powered code intelligence and analysis platform that gives businesses and non-technical stakeholders full visibility into their software codebase, even if they don’t write code themselves. Upon connecting your code repository (GitHub, GitLab, Bitbucket, Azure DevOps, or uploading a zipped archive), the platform creates a secure “IP Vault” and runs a comprehensive automated analysis across your entire codebase. It produces a range of reports and dashboards, including a code-complexity score (revealing how intricate or maintainable your code is), open-source component analysis (detecting dependencies, license status, outdated or vulnerable libraries), security analysis (identifying potential vulnerabilities, insecure configurations or risky dependencies), and a “cost-to-replicate” valuation, estimating how much effort or resources it would take to rebuild or replace the software from scratch.Starting Price: $2 per month -
49
Visual Expert
Novalys
Visual Expert is a static code analyzer for Oracle PL/SQL, SQL Server T-SQL, and PowerBuilder. Identify code dependencies to modify your code without breaking your application. Scan your code to improve the security, performance, and quality. Perform Impact analysis to Identify breaking changes. Automatically scan your code to detect and fix security vulnerabilities, bugs and maintenance Issues. Implement continuous code inspection Understand the inner workings of your code with call graphs, code diagrams, CRUD Matrix and Object Dependency Matrix (ODM). Automatically generate an HTML Source Code documentation. Explore your code exploration with hyperlinks Compare applications, databases or pieces of code. Improve maintainability. Clean up code. Comply with dev standards. Analyze and Improve DB code performance: Find slow objects and SQL queries, Optimize a slow object, a Chain of calls a slow SQL, Get a query Execution Plan. And much more.Starting Price: $495 per year -
50
Appknox
Appknox
Push world-class mobile apps faster into the market without compromising on security Build and deploy world-class mobile apps for your organizations at scale and leave your mobile app security to us. Highest Rated Security solution on Gartner We rejoice when the Appknox system secures our client’s app against all vulnerabilities. At Appknox we’re dedicated to delivering Mobile Application Security to help businesses achieve their objectives today and in the near Future. Static Application Security Testing (SAST). With 36 different test cases, Appknox SAST can detect almost every vulnerability that’s lurking around by analyzing your source code. Our tests cover security compliances like OWASP Top 10, PCI-DSS, HIPAA and other commonly used security threat parameters. Dynamic Application Security Testing (DAST). Detect advanced vulnerabilities while your application is running.
