Key Features

Security and Quality Checks Configures and runs many bundled static analysis tools with more than 1,500 configurable rules with support for C, C++, C#, Java, JavaScript, JSP, PHP, Python, Rails, Ruby, Scala, and VB.NET.

Reporting Generates and shares your findings with PDF, XML, CSV, AlienVault/NBE and Nessus reports, pushes results to developer IDEs, creates JIRA issues, or our REST API can be used to integrate with other systems.

Automation Catches issues early and often by automating continuous application security. Our Jenkins and REST APIs fit well within DevOps teams.

Unified Results One interface for your consolidated set of results from SAST, IAST, and manual findings, with duplicates merged using our customizable correlation engine.

Standardization Communicates findings consistently from any tool with support for CWE and many other industry standards such as HIPAA, DISA STIGs, OWASP Top 10, SANS Top 25, and PCI-DSS.

Installation in minutes Deploys full stack in minutes for Windows, Mac, and Linux, with VM and cloud deployments available as well.

Triage and Remediation Filters and prioritizes the issues that matter most and provides developers with customizable remediation guidance.

SDLC Integration Integrates directly into your existing workflow with support for Eclipse, Visual Studio, Git, Jenkins, and JIRA.

Integration with all your tools Supports most commercial and open source tools. Quick and easy to integrate.