Find top products in Static Code Analysis Tools category

Design code for efficient vectorization, threading, and offloading to accelerators.

Snyk is a developer security platform for securing custom code, open source dependencies, containers, and cloud infrastructure all from a single platform. Our solutions enable modern applications to be built securely — empowering developers to own and build security for the whole application, from code and open source to containers & cloud infrastructure. Secure while you code in your IDE: find issues quickly using the scanner, fix issues easily with remediation advice and verify the updated code. Integrate your source code repositories to secure applications: integrate a repository to find issues, prioritize with context, fix and merge. Secure your containers as you build, throughout the SDLC: start fixing containers as soon as you write a Dockerfile, continuously monitor container images throughout their lifecycle and prioritize with context. Secure build & deployment pipelines: Integrate natively with your CI/CD, configure your rules, find and fix issues in your application.

ReSharper is a renowned productivity tool that turns Microsoft Visual Studio into a much better IDE. Both individual .NET developers and teams rely on ReSharper to write and maintain code in a more manageable and enjoyable way, adopt the best coding practices, and deliver higher-quality applications faster.

SonarQube Server is an on-premise analysis tool designed to detect quality and security issues in 30+ languages, frameworks, and IaC platforms. The solution also provides fix recommendations leveraging AI with Sonar’s AI CodeFix capability. By integrating directly with your CI pipeline or on one of our supported DevOps platforms, your code is checked against an extensive set of rules that cover many attributes of code, such as maintainability, reliability, and security issues on each merge/pull request.

PC-lint was the pioneer of static analysis software with its award-winning release in 1985 by Gimpel Software. Since that time, it has been trusted by countless developers to find bugs in projects of all sizes and across all industries. PC-lint Plus, first released in 2017, is the latest offering providing unparalleled analysis capabilities for C and C++.

SonarQube Cloud is the industry-leading SaaS code analysis tool for detecting coding issues in 30+ languages, frameworks, and IaC platforms. The solution also provides fix recommendations leveraging AI with Sonar’s AI CodeFix capability. By integrating directly with your CI pipeline or one of the supported DevOps platforms, your code is checked against an extensive set of rules that cover many attributes of code, such as maintainability, reliability, and security issues, on each merge/pull request.

Aikido Security is a developer-friendly software security platform. It scans your code, containers & cloud in 9 different ways, showing you which security issues and vulnerabilities are actually important to solve. We speed up triaging massively by cutting out the false-positives, and making things human-readable.

SonarQube for IDE is a free IDE plugin for static code analysis brought to you by Sonar. It’s a developers first line of defense, designed to detect coding issues in real-time for 25 languages, frameworks, and IaC platforms.

CodeScan Shield is an automated tool that provides Salesforce developers and administrators the visibility they need to ensure their DevSecOps products are strong, secure, and reliable. This is accomplished through two modules: CodeScan: The static code analysis alerts Salesforce developers the moment an error is introduced to the code repository. Code is checked against more than 600 built-in rules to verify proper structures. CodeScan can also find and flag technical debt that might be lurking unseen in your environment. CodeScan is 100% compatible with Salesforce languages and metadata and supports CWE, SANS, and OWASP standards. OrgScan: Automated scans of SF rules and policies verify adherence to essential considerations and processes. Violations are flagged and recorded in an interactive dashboard for total visibility. This allows administrators to maintain 100% adherence to native and custom Salesforce policies and maintain governance control within their organization

Sigrid? - Your Single Source of Truth for Software Excellence Sigrid is a data-driven software intelligence platform that analyzes source code to provide comprehensive insights on risks, costs, and opportunities, enabling actionable business decisions. Bring your apps to market up to 4x faster and save up to 50% on Total Cost of Ownership with above-market software quality. Sigrid enables you to measure, evaluate, and monitor your entire software landscape health at every stage of its life cycle. By exposing hidden risks and opportunities in your source code, Sigrid gives you continuous insights and recommendations on its performance. Sigrid offers a shared, objective view of your systems architecture that you can use to support this communication and have more thoughtful discussions. Showcase the As-Is status of your whole IT portfolio, and get help in prioritizing modernization activities, highlighting their ROI. Boost innovation capacity. Smash technical debt. Meet Sigrid!