Conducting SAST for Java Applications

This page summarizes the projects mentioned and recommended in the original post on /r/java

  • SpotBugs

    SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.

    Static application security testing (SAST) is essential in tackling the source code vulnerabilities, late diagnosis of problems, and lack of root-cause analysis. This post describes how to carry out SAST in your Java application using SpotBugs.

  • find-sec-bugs

    The SpotBugs plugin for security audits of Java web applications and Android applications. (Also works with Kotlin, Groovy and Scala projects)

    How can the article fail to mention Find Security Bugs (find-sec-bugs) when talking about using SpotBugs (ex-FindBugs) for analyzing code for security issues?

NOTE: The number of mentions on this list indicates mentions on common posts plus user-suggested alternatives. Hence, a higher number means a more popular project.

Related posts

  • Looking for a Static Code Analysis tool for Scala Code

    2 projects | /r/cybersecurity | 28 Aug 2021
  • What are some useful static analyzers for Java?

    9 projects | /r/java | 2 Jan 2022
  • JVM/Java: Null-Restricted and Nullable Types

    3 projects | news.ycombinator.com | 2 Aug 2024
  • We Have Code Quality At Home: Open Source Java Code Quality Tools

    4 projects | dev.to | 6 May 2024
  • Handling EI_EXPOSE_REP & EI_EXPOSE_REP2 👨🏻‍💻

    1 project | dev.to | 30 Apr 2024