CWE

Common Weakness Enumeration

A Community-Developed List of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors
Home > Compatibility > Sort By Country  
ID

CWE Community

Sort By Country

All organizations participating in the Compatibility Program are listed below.

Country (17) Organization (58) Product (100) Type Capability Compatibility Status
Brazil Conviso Application Security Conviso Security Compliance (CSC) Vulnerability Identification and Management
Output
Searchable
Coverage
Canada Klocwork, Inc. Klocwork Insight Assessment and Remediation Tool
Output
Searchable
Coverage
Finland Codenomicon Ltd. DEFENSICS X Fuzz Testing Tool with Integrated Capability to Report CWE Identifiers and Descriptions for Found Vulnerabilities
Output
Searchable
Coverage
Available
Available
Planned
France Ambionics Security Ambionics Security Security Service
Coverage
Output
Searchable
Available
Available
Available
France CAST CAST Application Intelligence Platform Automated Application Assessment Platform
Output
Searchable
Coverage
France MathWorks, Inc. Polyspace Bug Finder Static Analysis Tool and Coding Rules Checker
Coverage
Output
Searchable
France NETpeas, SA COREvidence Cloud-Based, Multi-Engines Vulnerability Management Service
Output
Coverage
Searchable
Available
Available
Planned
France Security-Database Security-Database Web Services Web Services
Output
Searchable
Coverage
France ToolsWatch vFeed API and Vulnerability Database Community Open Source Correlated and Cross-Linked Vulnerability XML Vulnerability Database
Coverage
Output
Searchable
Indonesia Cr0security Cr0security Certified Security Testing Professional Security Testing Certification
Coverage
Output
Searchable
Indonesia Cr0security Cr0security Penetration Testing and Consultant Services Network Penetration Testing and Vulnerability Assessment Services
Coverage
Output
Searchable
Ireland CppCheck Development Team Cppcheck A tool for static C/C++ code analysis
Output
Searchable
Coverage
Available
Available
Planned
Israel Checkmarx CxCloud Static Code Analysis On Demand
Output
Searchable
Coverage
Available
Available
Available
Israel Checkmarx CxEnteprise Static Code Analysis On Premise
Output
Searchable
Coverage
Available
Available
Available
Israel Checkmarx CxSuite Static Application Security Testing/Application Security Code Review
Output
Searchable
Coverage
Available
Available
Available
Italy Julia S.R.L. Julia Static Program Analysis Tool
Coverage
Output
Searchable
Japan Information-technology Promotion Agency, Japan (IPA) JVN iPedia Vulnerability Countermeasure Information Database
Output
Searchable
Coverage
Available
Available
Available
Japan Information-technology Promotion Agency, Japan (IPA) MyJVN Filtered Vulnerability Countermeasure Information Tool
Output
Searchable
Coverage
Available
Available
Available
Korea Evenstar BigLook Code verification tool for ensuring source code compliance with domestic and international code seucrity guidelines.
Coverage
Output
Searchable
Korea Fasoo.com, Inc. SPARROW Semantic-Based Static Program Analysis Tool
Output
Searchable
Coverage
Korea GTONE Co., Ltd. SecurityPrism Semantic Based Static Application Security Testing Tool
Coverage
Output
Searchable
Korea Soft4Soft Co., Ltd. RESORT Code Analysis Static Analysis Tool and Coding Rules Checker
Coverage
Output
Searchable
Korea Suresoft Technologies Inc. CodeScroll Code Inspector Code-Based Auto Inspection Tool
Coverage
Output
Searchable
Korea Suresoft Technologies Inc. CodeScroll SNIPER Static Code Analysis Tool
Coverage
Output
Searchable
P.R. China Beijing Beida Software Engineering Development Co., Ltd. COBOT Program Static Analysis Tool
Coverage
Output
Searchable
Poland CXSecurity cIFrex Free Security Research Tool
Output
Searchable
Documentation
Coverage
Available
Available
Available
Available
Poland CXSecurity World Laboratory of Bugtraq (WLB) 2 Vulnerability Database
Output
Searchable
Coverage
Poland SecurityReason SecurityAlert Web Application Security Risk Management Platform
Output
Searchable
Coverage
Available
Available
Available
Singapore Astyran Pte Ltd. Secure Code Review Secure Code Review
Output
Searchable
Coverage
Available
Available
Planned
Singapore Astyran Pte Ltd. Secure Design Review Secure Design Review
Output
Searchable
Coverage
Available
Available
Planned
Singapore Astyran Pte Ltd. Web Application Vulnerability Assessment Application Vulnerability Assessment
Output
Searchable
Coverage
Available
Available
Available
Spain Optimyth Software Kiuwan Code Analysis SaaS Enterprise Software Analytics Platform - Local Static Code Analysis with Emphasis on Security
Coverage
Output
Searchable
Switzerland High-Tech Bridge SA High-Tech Bridge Security Advisories Database/Knowledge Repository Based upon High-Tech Bridge's Proprietary Research
Output
Searchable
Coverage
Switzerland High-Tech Bridge SA ImmuniWeb SaaS Web Application Vulnerability Assessment Service
Coverage
Output
Searchable
Switzerland SonarSource SA SonarQube platform with C/C++ plugin Continuous Inspection, Trending, and Code Quality Management Platform
Coverage
Output
Searchable
Switzerland SonarSource SA SonarQube platform with Java plugin Continuous Inspection, Trending, and Code Quality Management Platform
Coverage
Output
Searchable
Switzerland SonarSource SA SonarQube platform with Objective-C plugin Continuous Inspection, Trending, and Code Quality Management Platform
Coverage
Output
Searchable
United Kingdom LDRA LDRA Testbed Static and Dynamic Software Analysis Tool Suite
Output
Searchable
Coverage
United Kingdom LDRA LDRArules Static Analysis Tool and Coding Rules Checker
Coverage
Output
Searchable
United Kingdom LDRA TBvision Static Analysis Tool and Coding Rules Checker
Output
Searchable
Coverage
United Kingdom Open Web Application Security Project (OWASP) Zed Attack Proxy (ZAP) Integrated Penetration Testing Tool for Finding Vulnerabilities in Web Applications
Coverage
Output
Searchable
Available
Available
Planned
United States AdaCore CodePeer Automated Code Review and Validation Tool
Coverage
Output
Searchable
United States Apple, Inc. Secure Development Lifecycle Secure Development Lifecycle
Output
Coverage
Searchable
Available
Available
No
United States Armorize Technologies, Inc. CodeSecure Enterprise Web Application Source Code Analysis Tool
Output
Searchable
Coverage
Available
Available
Available
United States Armorize Technologies, Inc. CodeSecure Verifier Web Application Source Code Analysis Suite
Output
Searchable
Coverage
Available
Available
Available
United States Armorize Technologies, Inc. CodeSecure Workbench Web Application Source Code Analysis Tool
Output
Searchable
Coverage
Available
Available
Available
United States Cenzic, Inc. Cenzic Hailstorm Enterprise ARC Web Application Security Risk Management Platform
Output
Searchable
Coverage
Available
Available
Available
United States Cenzic, Inc. Cenzic Hailstorm Professional Web Application Penetration Testing and Vulnerability Management System
Output
Searchable
Coverage
Available
Available
Available
United States CERIAS/Purdue University Secure programming class, CS390S Secure Programming Class and Publicly Available Teaching Materials
Output
Searchable
Coverage
Available
Available
Planned
United States Cigital, Inc. Architectural and Design Risk Management Software Security Architecture and Design Risk Assessment and Management
Output
Searchable
Coverage
Available
Available
Planned
United States Cigital, Inc. Secure Code Review with Automated Tools Security Code Assessment
Output
Searchable
Coverage
Available
Available
Planned
United States Cigital, Inc. Security Training and Awareness (various courses) Software Security Training and Awareness Courses
Output
Searchable
Coverage
Available
Available
Planned
United States Code Dx, Inc. Code Dx Enterprise Edition Software Vulnerability Assessment Tool
Output
Searchable
Coverage
Available
Available
Planned
United States Code Dx, Inc. Code Dx Standard Edition Software Vulnerability Assessment Tool
Output
Searchable
Coverage
Available
Available
Planned
United States Coverity, Inc. Coverity Quality Advisor Static Application Security Testing (SAST)
Output
Searchable
Coverage
United States Coverity, Inc. Coverity Security Advisor Static Application Security Testing (SAST)
Output
Searchable
Coverage
United States David A. Wheeler Flawfinder Assessment Tool
Coverage
Output
Searchable
United States Denim Group, Ltd ThreadFix Open Source Vulnerability Management Tool
Output
Searchable
Coverage
United States EC-Council EC-Council Certified Secure Programmer Secure Programmer Certification Program
Output
Searchable
Coverage
Planned
Planned
No
United States EMC Corporation and RSA (The Security Division of EMC) EMC Product Security Policy (PSP) Enterprise Policy for Secure Product Development
Output
Searchable
Coverage
Available
Available
No
United States EMC Corporation and RSA (The Security Division of EMC) EMC Security Development Lifecycle (SDL) Enterprise Secure Development Lifecycle
Output
Searchable
Coverage
Available
Available
No
United States EMC Corporation and RSA (The Security Division of EMC) EMC Vulnerability Response Policy (VRP) Enterprise Response Policy for Product Vulnerabilities
Output
Searchable
Coverage
Available
Available
No
United States GrammaTech, Inc. CodeSonar Static Analysis Tool
Output
Searchable
Coverage
United States Hewlett-Packard Development Company, L.P. HP Assessment Management Platform (ASP) Enterprise Platform for Managing a Web Application Security Assessment Program
Output
Searchable
Coverage
United States Hewlett-Packard Development Company, L.P. HP DevInspect Web Application Security Assessment Tool for Developers
Output
Searchable
Coverage
Planned
Planned
Planned
United States Hewlett-Packard Development Company, L.P. HP Fortify On Demand Static and Dynamic Analysis and Results Reporting Service
Output
Searchable
Coverage
United States Hewlett-Packard Development Company, L.P. HP Fortify Real-Time Analyzer Real-Time Detection and Prevention of Attacks
Output
Searchable
Coverage
United States Hewlett-Packard Development Company, L.P. HP Fortify Software Security Center Results Reporting
Output
Searchable
Coverage
United States Hewlett-Packard Development Company, L.P. HP Fortify Static Code Analyzer Static Analysis and Results Reporting
Output
Searchable
Coverage
United States Hewlett-Packard Development Company, L.P. HP QAInspect Web Application Security Assessment Tool for QA
Output
Searchable
Coverage
Planned
Planned
Planned
United States Hewlett-Packard Development Company, L.P. HP SaaS for ASC Web Application Security Assessment and AMP delivered through Software-as-a-Service
Output
Searchable
Coverage
Planned
Planned
Planned
United States Hewlett-Packard Development Company, L.P. HP WebInspect Dynamic Analysis Web Application Security Assessment Tool
Output
Searchable
Coverage
United States IBM Rational Rational AppScan Tester Edition Development-Time Web Application Security Testing Tool
Output
Searchable
Coverage
Planned
Planned
Planned
United States IBM Security Systems IBM Security AppScan Enterprise Enterprise Web Application Security Assessment Tool
Output
Searchable
Coverage
Planned
Planned
Planned
United States IBM Security Systems IBM Security AppScan Source Source Code Testing Tool
Output
Searchable
Coverage
Available
Available
Available
United States IBM Security Systems IBM Security AppScan Standard Web Application Security Assessment Scanner
Output
Searchable
Coverage
United States ISC2 The International Information Systems Security Certification Consortium Certification of Software Lifecycle Personnel Professional Certification
Output
Searchable
Coverage
Available
Planned
Planned
United States KDM Analytics Software Assurance Assessment Software Assurance Assessment Service
Output
Searchable
Coverage
Available
Available
Planned
United States KDM Analytics Tool Output Integration Framework (TOIF) Open Source Vulnerability Detection Platform
Output
Searchable
Coverage
Available
Available
Available
United States Lucent Sky Corporation Lucent Sky Application Vulnerability Mitigation (AVM) Application Vulnerability Mitigation
Coverage
Output
Searchable
United States National Institute of Standards and Technology (NIST) Software Assurance Reference Dataset (SARD) Web-based Software Security Assurance Application
Output
Searchable
Coverage
United States Parasoft Corporation C/C++test Versions 10.x Static Code Analysis
Coverage
Output
Searchable
Available
Available
Available
United States Parasoft Corporation C/C++test Versions 9.x Static Code Analysis
Output
Searchable
Coverage
Available
Available
Available
United States Parasoft Corporation dotTEST Versions 10.x Static Code Analysis
Coverage
Output
Searchable
Available
Available
Available
United States Parasoft Corporation dotTEST Versions 9.x Static Code Analysis
Coverage
Output
Searchable
Available
Available
Available
United States Parasoft Corporation Jtest Version 9.x Static Code Analysis
Coverage
Output
Searchable
Available
Available
Available
United States Parasoft Corporation Jtest Versions 10.x Static Code Analysis
Coverage
Output
Searchable
Available
Available
Available
United States Programming Research, Inc. QA*C - CWE Compliance Module for C Programming Language Static Analysis of C code with advanced Data-flow/Control-flow/Cross-project and Multilanguage capabilities
Coverage
Output
Searchable
United States Programming Research, Inc. QA*CPP - CWE Compliance Module for C++ Programming Language Source Code Static Analysis Product Suite
Output
Searchable
Coverage
Planned
Planned
Planned
United States Red Hat, Inc. Red Hat Customer Portal Customer Assessment Service
Output
Searchable
Coverage
United States SANS Institute Secure Programming Exams/Assessments Professional Secure Programming Examination
Output
Searchable
Coverage
Planned
Planned
Planned
United States SD Elements SDElements Secure Application Lifecycle Management (SALM) Tool
Output
Searchable
Coverage
Available
Available
Available
United States SkillBridge, LLC Secure Application Development Training Courses Instructor Led Training
Output
Searchable
Coverage
Planned
Planned
Planned
United States SofCheck Inc. SofCheck Inspector for Ada Static Analysis and Fault Detection Tool
Searchable
Output
Coverage
Available
Planned
Planned
United States Symantec Corporation Symantec Product Security Symmunize (Symantec's Secure Development Lifecycle Process)
Output
Searchable
Coverage
Available
Available
No
United States Veracode, Inc. Veracode Analytics SAST, DAST, Manual Penetration Testing
Output
Searchable
Coverage
United States Veracode, Inc. Veracode Dynamic Analysis SAST, DAST, Manual Penetration Testing
Output
Searchable
Coverage
United States Veracode, Inc. Veracode Manual Testing SAST, DAST, Manual Penetration Testing
Output
Searchable
Coverage
United States Veracode, Inc. Veracode Static Analysis SAST, DAST, Manual Penetration Testing
Output
Searchable
Coverage
United States WebLayers, Inc. WebLayers Center Security Policy Library Software Development Lifecycle (SDLC) Governance
Output
Searchable
Coverage

More information is available — Please select a different filter.
Page Last Updated: May 19, 2017