Conducting SAST for Java Applications

This page summarizes the projects mentioned and recommended in the original post on reddit.com/r/java
#Code Analysis #Findbugs #Static Analysis #HacktoberFest #Java

Our great sponsors
  • CodiumAI - TestGPT | Generating meaningful tests for busy devs
  • Sonar - Write Clean Java Code. Always.
  • InfluxDB - Access the most powerful time series database as a service
  • ONLYOFFICE ONLYOFFICE Docs — document collaboration in your environment
Our great sponsors

  • Spotbugs

    SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.

    Static application security testing (SAST) is essential in tackling the source code vulnerabilities, late diagnosis of problems, and lack of root-cause analysis. This post describes how to carry out SAST in your Java application using SpotBugs.

  • find-sec-bugs

    The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

    How can the article fail to mention Find Security Bugs (find-sec-bugs) when talking about using SpotBugs (ex-FindBugs) for analyzing code for security issues?

  • CodiumAI

    TestGPT | Generating meaningful tests for busy devs. Get non-trivial tests (and trivial, too!) suggested right inside your IDE, so you can code smart, create more value, and stay confident when you push.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts