Find out what your peers are saying about SonarSource Sàrl, Checkmarx, Veracode and others in Static Application Security Testing (SAST). Updated: May 2026.
Static Application Security Testing provides tools to identify vulnerabilities in code early in the development cycle, improving security and minimizing risk exposure. SAST focuses on analyzing source code, binaries, or bytecode to detect issues like SQL injection, buffer overflows, and cross-site scripting. This proactive approach enables developers to remediate potential security flaws before applications are deployed. The solution integrates seamlessly with existing CI/CD pipelines,...
We're having success using the MEND SAST offering. The OWASP Foundation has an overview of some of the options: Source Code Analysis Tools | OWASP Foundation.
@Ben Dyer thank you for the response and feel free to share more feedback about the product later, once you use it more extensively.
There is this new product from CodeEye Solutions called IRIS that brings all code risk management into one platform.
Check us out please: https://codeeyesolutions.com/S...