HCL AppScan Source identifies web-based and mobile application source code vulnerabilities early in the software development cycle, so they can be fixed before deployment.
OWASP Dependency Check identifies project dependencies and checks if there are any known, publicly disclosed, vulnerabilities.

NowSecure Platform fully automates security and privacy testing for mobile apps you build and use within one easy-to-use portal. Test pre-prod and/or published iOS/Android binaries while monitoring the apps that power your workforce.

Portswigger BurpSuite Pro is a testing platform that maps and analyzes an applications attack surface then discovers and exploits security vulnerabilities.
Qualys Web Application Scanning (WAS) is an automated service that performs regular testing of web applications with automated crawling that scales and minimizes false positives.
Rapid7 AppSpider creates custom attacks based on the architecture of your specific application to provide the most accurate testing results.
Skipfish is a web application security tool that prepares interactive sitemaps of targeted sites.

Sonatype Nexus help organizations improve the quality, security, and speed of their software supply chains.

Tenable Nessus identifies network vulnerabilities and configurations, then prevents attacks on the network.

Trustwave App Scanner Enterprise (Cenzic Hailstorm) automates the detection of security vulnerabilities in web applications and services with an emulated browser and mock attacks within its patented Hailstorm™ scanning engine.

Veracode Static Analysis provides fast, automated security feedback to developers, conducts a full policy scan before deployment, and gives clear guidance on what issues to focus on and how to fix them faster. Results have high accuracy without manual tuning based on 10 trillion lines of code scanned through our SaaS-based engines.
Veracode Dynamic Analysis helps you scan your web applications for exploitable vulnerabilities at scale. With an ability to test thousands of applications simultaneously and a less than 1% false positive rate coupled with comprehensive remediation guidance, customers are able to rapidly reduce their risk of a breach across their web applications.