Introducing
The Slant team built an AI & it’s awesome
Find the best product instantly
Add to Chrome
Add to Edge
Add to Firefox
Add to Opera
Add to Brave
Add to Safari
Try it now
4.7 star rating
0
Security
Code
What are the best code security analyzers?
5
Options
Considered
8
User
Recs.
Dec 22, 2023
Last
Updated
Related Questions
Activity
Have feedback or ideas?
Join our community
on Discord
Ad
5
Options
Considered
Best code security analyzers
Price
Platforms
Technology
--
sonarqube
Free / paid
Windows, Linux, Mac, Web
Java
--
Kiuwan
-
-
-
--
Fortify
-
-
-
--
OWASP Dependency-Check
Free
Windows, Linux, Mac, Docker
Java
--
Snyk
Free / paid
-
-
See Full List
--
sonarqube
My Rec
ommendation
for
sonarqube
My Recommendation for
sonarqube
All
1
Specs
Specs
Platforms:
Windows, Linux, Mac, Web
Technology:
Java
Hide
Free / paid
Recommend
2
--
Kiuwan
My Rec
ommendation
for
Kiuwan
My Recommendation for
Kiuwan
Hide
Get it
here
Recommend
1
--
Fortify
My Rec
ommendation
for
Fortify
My Recommendation for
Fortify
Hide
Get it
here
Recommend
1
--
OWASP Dependency-Check
My Rec
ommendation
for
OWASP Dependency-Check
My Recommendation for
OWASP Dependency-Check
All
8
Experiences
1
Pros
3
Cons
3
Specs
Top
Con
•••
NVD API
Requires an NVD API key and the first mvn check took 10 hours.
See More
Top
Pro
•••
Free
See More
RickZeeland's Experience
OWASP dependency-check is open-source and can be used to scan Java and .NET applications via the CLI or using plugins.
See More
Specs
Platforms:
Windows, Linux, Mac, Docker
Technology:
Java
Top
Con
•••
No TeamCity plugin
There is no official TeamCity plugin, but there seems to be an unofficial tool: PacMon.
See More
Top
Pro
•••
Azure DevOps Extension
An Azure DevOps Extension is available on the Visual Studio Marketplace.
See More
Top
Con
•••
Needs Java
Needs Java to be installed.
See More
Top
Pro
•••
Jenkins plugin
See More
Hide
See All
Free
Recommend
1
1
--
Snyk
My Rec
ommendation
for
Snyk
My Recommendation for
Snyk
All
4
Pros
2
Cons
2
Top
Pro
•••
TeamCity plugin
TeamCity plugin available.
See More
Top
Con
•••
ASP.NET Core is "High risk"
The TeamCity plugin fails the build for all ASP.NET Core applications stating that it is vulnerable to DOS attacks and that "there is no fix available".
See More
Top
Pro
•••
Integrations
Snyk can connect directly to GitHub, GitLab, Heroku, AWS Lambda, Bitbucket Server etc. It is also possible to use the CLI.
See More
Top
Con
•••
Shallow .NET support
Only seems to check the NuGet packages and not much else.
See More
Hide
See All
Free / paid
Recommend
2
Don't see your favorite option? Add it.
Built By the Slant team
Find the best product instantly.
4.7 star rating
Add to Chrome
Add to Edge
Add to Firefox
Add to Opera
Add to Brave
Add to Safari
Try it now - it's free
One sec!
Are you sure that you want to abandon your hard work?
Delete Work
Continue working
{}
undefined
url next
price drop