The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
Why do you think that https://github.com/analysis-tools-dev/static-analysis is a good alternative to find-sec-bugs