Acunetix Web Vulnerability Scanner is an automated web application security testing tool that audits web applications by checking for vulnerabilities accessible via web browser.
Arachni is a Ruby framework that helps penetration testers and administrators gauge web application security.
Barracuda Vulnerability Manager is a free service that detects web application vulnerabilities and helps you remediate them automatically.
Black Duck integrates with ThreadFix to automatically scan, identify and inventory open source software, allowing you to understand license obligations, conflicts and risks.
Brakeman is an open source static analysis vulnerability scanner tailored for Ruby on Rails applications designed to spot security vulnerabilities.
Checkmarx’s CxSAST is a tool that discovers and documents application layer security vulnerabilities.
Contrast IAST Scanner Integration uses sensors to passively monitor the behavior of applications and discover vulnerabilities quickly and accurately.
Coverity® identifies critical software quality defects and security vulnerabilities in code as it’s written, early in the development process, when it’s least costly and easiest to fix.
FindBugs is a static analysis open source program that detects bugs in Java code.
HCL AppScan Enterprise mitigates application security risk, strengthen application security program management initiatives and achieve regulatory compliance.
HCL AppScan on Cloud (ASoC) is a cloud app security offering that helps secure your organization’s Web, cloud, mobile, and other applications.
HCL AppScan Source identifies web-based and mobile application source code vulnerabilities early in the software development cycle, so they can be fixed before deployment.