CWE

Common Weakness Enumeration

A community-developed list of SW & HW weaknesses that can become vulnerabilities

New to CWE? click here!
CWE Most Important Hardware Weaknesses
CWE Top 25 Most Dangerous Weaknesses
Home > Compatibility > Sort By Capability  
ID

Sort By Capability

NOTICE: As of 4/16/2024, the CWE Compatibility Program has been discontinued. The product listings included in this section have been moved to "archive" status.

MOVING FORWARD: Please follow these CWE Compatibility Requirements to consider your product or service "CWE Compatible."

Archived:

All organizations participating in the Compatibility Program are listed below.

CWE Output

Product (158) Organization (87) Type Country (20) Status
Ambionics Security Ambionics Security Security Service France
CWE Compatible
Astrée AbsInt Angewandte Informatik GmbH Static Analysis Tool and Coding Rules Checker Germany
CWE Compatible
BigLook Evenstar Code verification tool for ensuring source code compliance with domestic and international code seucrity guidelines. Korea
CWE Compatible
BinSearch ValiantSec Technology Co.,Ltd SCA China
CWE Compatible
C/C++test Parasoft Corporation Static Code Analysis United States
CWE Compatible
CAST Application Intelligence Platform CAST Automated Application Assessment Platform France
CWE Compatible
Checkmarx Static application security testing (SAST) Checkmarx Static application security testing engine - available both as an on-premises application or in the cloud as part of the Checkmarx One application security suite. Israel
CWE Compatible
COBOT Beijing Beida Software Engineering Development Co., Ltd. Program Static Analysis Tool P.R. China
CWE Compatible
COBOT-SCA Beijing Beida Software Engineering Development Co., Ltd. Software Composition And Vulnerability Analysis P.R. China
CWE Compatible
Code Check Hangzhou Huawei Cloud Computing Technologies Co., Ltd CodeCheck/Code static analysis/ SAST(Static Application Security Testing) China
CWE Compatible
CODE-RAY TRINITYSOFT Co., Ltd Source Code Security weakness analysis tool Korea
CWE Compatible
CodeAnt ValiantSec Technology Co.,Ltd SCA and Development security China
CWE Compatible
CodeArts Check Hangzhou Huawei Cloud Computing Technologies Co., Ltd CodeArts Check/Code static analysis/SAST(Static Application Security Testing) China
CWE Compatible
CodePeer AdaCore Automated Code Review and Validation Tool United States
CWE Compatible
CodeScroll Code Inspector Suresoft Technologies Inc. Code-Based Auto Inspection Tool Korea
CWE Compatible
CodeScroll SNIPER Suresoft Technologies Inc. Static Code Analysis Tool Korea
CWE Compatible
CodeScroll STATIC Suresoft Technologies Inc. Web-based Static Code Analysis Tool Korea
CWE Compatible
CodeSec SecZone Statically Apply Security Tool China
CWE Compatible
CodeSense ValiantSec Technology Co.,Ltd SAST China
CWE Compatible
CodeSonar GrammaTech, Inc. Static Analysis Tool United States
CWE Compatible
Conviso Security Compliance (CSC) Conviso Application Security Vulnerability Identification and Management Brazil
CWE Compatible
Corax Shanghai Feiyu Technology Co.,Ltd. Static Application Security Testing China
CWE Compatible
Coverity Synopsys Inc. Static Application Security Testing United States
CWE Compatible
Cr0security Certified Security Testing Cr0security Professional Security Testing Certification Indonesia
CWE Compatible
Cr0security Penetration Testing and Consultant Services Cr0security Network Penetration Testing and Vulnerability Assessment Services Indonesia
CWE Compatible
Cybellum Product Security Platform Cybellum Engine that can detect violation of CWEs in dinary files, on the assembly level. Israel
CWE Compatible
DerScanner DerSecur Ltd. SAST tool Israel
CWE Compatible
dotTEST Parasoft Corporation Static Code Analysis United States
CWE Compatible
Flawfinder David A. Wheeler Assessment Tool United States
CWE Compatible
FOSSCheck Suzhou Lengjingqicai Information Technology Co.,Ltd Software Composition Analysis Tool China
CWE Compatible
FossEye Suzhou Lengjingqicai Information Technology Co.,Ltd Open source security and compliance governance Tool China
CWE Compatible
High-Tech Bridge Security Advisories High-Tech Bridge SA Database/Knowledge Repository Based upon High-Tech Bridge's Proprietary Research Switzerland
CWE Compatible
IBM Security AppScan Standard IBM Security Systems Web Application Security Assessment Scanner United States
CWE Compatible
Imagix 4D, with Checklist for CWE Imagix Corporation Static Analysis and Change Review Tool United States
CWE Compatible
ImmuniWeb High-Tech Bridge SA SaaS Web Application Vulnerability Assessment Service Switzerland
CWE Compatible
IriusRisk IriusRisk SaaS Enterprise Threat Modeling platform United States
CWE Compatible
Jtest Parasoft Corporation Static Code Analysis United States
CWE Compatible
Julia Julia S.R.L. Static Program Analysis Tool Italy
CWE Compatible
Kiuwan Application Security platform Kiuwan Software S.L SaaS Enterprise Software Analytics Platform - Local Static Code Analysis with Emphasis on Security Spain
CWE Compatible
Klocwork Insight Klocwork, Inc. Assessment and Remediation Tool Canada
CWE Compatible
LDRA Testbed LDRA Static and Dynamic Software Analysis Tool Suite United Kingdom
CWE Compatible
LDRArules LDRA Static Analysis Tool and Coding Rules Checker United Kingdom
CWE Compatible
Lucent Sky Application Vulnerability Mitigation (AVM) Lucent Sky Corporation Application Vulnerability Mitigation United States
CWE Compatible
Micro Focus Application Defender Micro Focus Fortify Real-Time Detection and Prevention of Attacks United States
CWE Compatible
Micro Focus Fortify On Demand Micro Focus Fortify Static and Dynamic Analysis and Results Reporting Service United States
CWE Compatible
Micro Focus Software Security Center Micro Focus Fortify Results Reporting United States
CWE Compatible
Micro Focus Static Code Analyzer Micro Focus Fortify Static Analysis and Results Reporting United States
CWE Compatible
Micro Focus WebInspect Micro Focus Fortify Dynamic Analysis Web Application Security Assessment Tool United States
CWE Compatible
NaiveSystems Analyze Naive Systems Ltd. Static Analysis Tool and Coding Rules Checker China
CWE Compatible
Oversecured Oversecured Inc A SaaS-based mobile app vulnerability scanner United States
CWE Compatible
PC-lint Plus Vector Informatik GmbH C/C++ Static Code Analysis Germany
CWE Compatible
Polyspace Bug Finder MathWorks, Inc. Static Analysis Tool and Coding Rules Checker France
CWE Compatible
QA*C - CWE Compliance Module for C Programming Language Programming Research, Inc. Static Analysis of C code with advanced Data-flow/Control-flow/Cross-project and Multilanguage capabilities United States
CWE Compatible
QI-ANXIN Codesafe QI-ANXIN Technology Group Inc. Assessment Tool China
CWE Compatible
QI-ANXIN OSS Security QI-ANXIN Technology Group Inc. Assessment Tool China
CWE Compatible
Red Hat Customer Portal Red Hat, Inc. Customer Assessment Service United States
CWE Compatible
RedRocket SAST Beijing RedRocket Technology Co., Ltd Static Analysis Tool China
CWE Compatible
RedRocket SCA Beijing RedRocket Technology Co., Ltd Software Composition Analysis Tool China
CWE Compatible
RESORT Code Analysis Soft4Soft Co., Ltd. Static Analysis Tool and Coding Rules Checker Korea
CWE Compatible
Secidea SCAP2000 Shenzhen Secidea Network Security Technology Co., Ltd Static Application Security Testing China
CWE Compatible
Security-Database Web Services Security-Database Web Services France
CWE Compatible
SecurityPrism GTONE Co., Ltd. Semantic Based Static Application Security Testing Tool Korea
CWE Compatible
Seeker Interactive Application Security Testing (IAST) Synopsys Inc. Interactive Application Security Testing United States
CWE Compatible
SFuzz SecZone SFuzz China
CWE Compatible
SoftSec SCA Software Security TOOL China
CWE Compatible
Software Assurance Reference Dataset (SARD) National Institute of Standards and Technology (NIST) Web-based Software Security Assurance Application United States
CWE Compatible
SonarQube platform with C/C++ plugin SonarSource SA Continuous Inspection, Trending, and Code Quality Management Platform Switzerland
CWE Compatible
SonarQube platform with Java plugin SonarSource SA Continuous Inspection, Trending, and Code Quality Management Platform Switzerland
CWE Compatible
SonarQube platform with Objective-C plugin SonarSource SA Continuous Inspection, Trending, and Code Quality Management Platform Switzerland
CWE Compatible
SourceCheck SecZone Open Source Component Security and Compliance Management Platform China
CWE Compatible
SPARK Pro AdaCore Product United States
CWE Compatible
SPARROW Sparrow Co., Ltd. Semantic-Based Static Program Analysis Tool Korea
CWE Compatible
Static Reviewer Security Reviewer Static Application Security Testing (SAST)- Security, Dead Code & Best Practices Italy
CWE Compatible
Swift Fuzzer Testing Tool GYSecurity Technology Co., Ltd Assessment and Remediation Tool China
CWE Compatible
TBvision LDRA Static Analysis Tool and Coding Rules Checker United Kingdom
CWE Compatible
ThreadFix Denim Group, Ltd Open Source Vulnerability Management Tool United States
CWE Compatible
Tsmart Static Analyzer School of Software, Tsinghua University Static Analysis Tool P.R. China
CWE Compatible
UniSCA ValiantSec Technology Co.,Ltd SCA and Development security China
CWE Compatible
USTCHCS high confidence software analysis tool suite Anhui USTC-Guochuang High-Confidence Software Co.,Ltd Static Analysis Tool and Coding Rules Checker China
CWE Compatible
Vackbot Beijing Moyunsec Technology Co.,Ltd CART (Continuous Automated Red Teaming) + BAS (Breach and Attack Simulation) China
CWE Compatible
VackScan Beijing Moyunsec Technology Co.,Ltd Vulnerability scanning China
CWE Compatible
Veracode Analytics Veracode, Inc. SAST, DAST, Manual Penetration Testing United States
CWE Compatible
Veracode Dynamic Analysis Veracode, Inc. SAST, DAST, Manual Penetration Testing United States
CWE Compatible
Veracode Manual Testing Veracode, Inc. SAST, DAST, Manual Penetration Testing United States
CWE Compatible
Veracode Static Analysis Veracode, Inc. SAST, DAST, Manual Penetration Testing United States
CWE Compatible
vFeed API and Vulnerability Database Community ToolsWatch Open Source Correlated and Cross-Linked Vulnerability XML Vulnerability Database France
CWE Compatible
VulHunter SecZone Interactive Application Security Testing Platform China
CWE Compatible
Vulinsight supply chain risk intelligence platform Beijing Vulinsight Technology Co., Ltd Vulnerability knowledge base system China
CWE Compatible
WebLayers Center Security Policy Library WebLayers, Inc. Software Development Lifecycle (SDLC) Governance United States
CWE Compatible
World Laboratory of Bugtraq (WLB) 2 CXSecurity Vulnerability Database Poland
CWE Compatible
WuKong SAST Beijing ZHONGKE TIANQI Information Technology Co.,Ltd. SAST(Static Application Security Testing) China
CWE Compatible
Xcheck OSS threat management platform Beijing Anpro Information Technology Co. LTD Assessment and Remediation Tool China
CWE Compatible
Xcheck Software Composition Analysis Platform Beijing Anpro Information Technology Co. LTD Assessment and Remediation Tool China
CWE Compatible
Xfuse ASOC Agile Security Platform Beijing Anpro Information Technology Co. LTD Software Development Practices China
CWE Compatible
Xfuse CARTA SDLC Empower ment Platform Beijing Anpro Information Technology Co. LTD Software Development Practices China
CWE Compatible
Xmaze AI Pen-Testing Extension Beijing Anpro Information Technology Co. LTD Assessment and Remediation Tool China
CWE Compatible
Xmaze Breach and Attack Simulation Platform Beijing Anpro Information Technology Co. LTD Assessment and Remediation Tool China
CWE Compatible
Xmaze IAST security testing platform Beijing Anpro Information Technology Co. LTD Assessment and Remediation Tool China
CWE Compatible
Xmaze Static Application Security Testing Platform Beijing Anpro Information Technology Co. LTD Assessment and Remediation Tool China
CWE Compatible
Xmaze Threat Modeling Automation Platform Beijing Anpro Information Technology Co. LTD Assessment and Remediation Tool China
CWE Compatible
Xshark RASP Self-Adaptive Threat Immunity Platform Beijing Anpro Information Technology Co. LTD Application-Level Firewall China
CWE Compatible
Yishi Firmware Supply Chain Security Management System Anban Information Technology Co., Ltd TOOL China
CWE Compatible
ZBG-SAST CodeForce(Beijing)Software Technology Co., Ltd Static Application Security Testing China
CWE Compatible
ZBG-SCA CodeForce(Beijing)Software Technology Co., Ltd Software Composition Analysis China
CWE Compatible
Architectural and Design Risk Management Cigital, Inc. Software Security Architecture and Design Risk Assessment and Management United States
Available
Cenzic Hailstorm Enterprise ARC Cenzic, Inc. Web Application Security Risk Management Platform United States
Available
Cenzic Hailstorm Professional Cenzic, Inc. Web Application Penetration Testing and Vulnerability Management System United States
Available
Certification of Software Lifecycle Personnel ISC2 The International Information Systems Security Certification Consortium Professional Certification United States
Available
cIFrex CXSecurity Free Security Research Tool Poland
Available
Code Dx Enterprise Edition Code Dx, Inc. Software Vulnerability Assessment Tool United States
Available
Code Dx Standard Edition Code Dx, Inc. Software Vulnerability Assessment Tool United States
Available
CodeSecure Enterprise Armorize Technologies, Inc. Web Application Source Code Analysis Tool United States
Available
CodeSecure Verifier Armorize Technologies, Inc. Web Application Source Code Analysis Suite United States
Available
CodeSecure Workbench Armorize Technologies, Inc. Web Application Source Code Analysis Tool United States
Available
COREvidence NETpeas, SA Cloud-Based, Multi-Engines Vulnerability Management Service France
Available
Cppcheck CppCheck Development Team A tool for static C/C++ code analysis Ireland
Available
CxCloud Checkmarx Static Code Analysis On Demand Israel
Available
CxEnteprise Checkmarx Static Code Analysis On Premise Israel
Available
CxSuite Checkmarx Static Application Security Testing/Application Security Code Review Israel
Available
DEFENSICS X Codenomicon Ltd. Fuzz Testing Tool with Integrated Capability to Report CWE Identifiers and Descriptions for Found Vulnerabilities Finland
Available
EMC Product Security Policy (PSP) EMC Corporation and RSA (The Security Division of EMC) Enterprise Policy for Secure Product Development United States
Available
EMC Security Development Lifecycle (SDL) EMC Corporation and RSA (The Security Division of EMC) Enterprise Secure Development Lifecycle United States
Available
EMC Vulnerability Response Policy (VRP) EMC Corporation and RSA (The Security Division of EMC) Enterprise Response Policy for Product Vulnerabilities United States
Available
IBM Security AppScan Enterprise IBM Security Systems Enterprise Web Application Security Assessment Tool United States
Planned
IBM Security AppScan Source IBM Security Systems Source Code Testing Tool United States
Available
JVN iPedia Information-technology Promotion Agency, Japan (IPA) Vulnerability Countermeasure Information Database Japan
Available
MyJVN Information-technology Promotion Agency, Japan (IPA) Filtered Vulnerability Countermeasure Information Tool Japan
Available
PVS-Studio C/C++/C# static code analyzer OOO "Program Verification Systems" (Co Ltd) Static code analyzer Russia
Available
SDElements SD Elements Secure Application Lifecycle Management (SALM) Tool United States
Available
Secure Code Review Astyran Pte Ltd. Secure Code Review Singapore
Available
Secure Code Review with Automated Tools Cigital, Inc. Security Code Assessment United States
Available
Secure Design Review Astyran Pte Ltd. Secure Design Review Singapore
Available
Secure Development Lifecycle Apple, Inc. Secure Development Lifecycle United States
Available
Secure programming class, CS390S CERIAS/Purdue University Secure Programming Class and Publicly Available Teaching Materials United States
Available
Security Training and Awareness (various courses) Cigital, Inc. Software Security Training and Awareness Courses United States
Available
SecurityAlert SecurityReason Web Application Security Risk Management Platform Poland
Available
SofCheck Inspector for Ada SofCheck Inc. Static Analysis and Fault Detection Tool United States
Planned
Software Assurance Assessment KDM Analytics Software Assurance Assessment Service United States
Available
Symantec Product Security Symantec Corporation Symmunize (Symantec's Secure Development Lifecycle Process) United States
Available
Tool Output Integration Framework (TOIF) KDM Analytics Open Source Vulnerability Detection Platform United States
Available
Web Application Vulnerability Assessment Astyran Pte Ltd. Application Vulnerability Assessment Singapore
Available
Zed Attack Proxy (ZAP) Open Web Application Security Project (OWASP) Integrated Penetration Testing Tool for Finding Vulnerabilities in Web Applications United Kingdom
Available
EC-Council Certified Secure Programmer EC-Council Secure Programmer Certification Program United States
Planned
QA*CPP - CWE Compliance Module for C++ Programming Language Programming Research, Inc. Source Code Static Analysis Product Suite United States
Planned
Rational AppScan Tester Edition IBM Rational Development-Time Web Application Security Testing Tool United States
Planned
Secure Application Development Training Courses SkillBridge, LLC Instructor Led Training United States
Planned
Secure Programming Exams/Assessments SANS Institute Professional Secure Programming Examination United States
Planned

CWE Searchable

Product (157) Organization (87) Type Country (20) Status
Ambionics Security Ambionics Security Security Service France
CWE Compatible
Astrée AbsInt Angewandte Informatik GmbH Static Analysis Tool and Coding Rules Checker Germany
CWE Compatible
BigLook Evenstar Code verification tool for ensuring source code compliance with domestic and international code seucrity guidelines. Korea
CWE Compatible
BinSearch ValiantSec Technology Co.,Ltd SCA China
CWE Compatible
C/C++test Parasoft Corporation Static Code Analysis United States
CWE Compatible
CAST Application Intelligence Platform CAST Automated Application Assessment Platform France
CWE Compatible
Checkmarx Static application security testing (SAST) Checkmarx Static application security testing engine - available both as an on-premises application or in the cloud as part of the Checkmarx One application security suite. Israel
CWE Compatible
COBOT Beijing Beida Software Engineering Development Co., Ltd. Program Static Analysis Tool P.R. China
CWE Compatible
COBOT-SCA Beijing Beida Software Engineering Development Co., Ltd. Software Composition And Vulnerability Analysis P.R. China
CWE Compatible
Code Check Hangzhou Huawei Cloud Computing Technologies Co., Ltd CodeCheck/Code static analysis/ SAST(Static Application Security Testing) China
CWE Compatible
CODE-RAY TRINITYSOFT Co., Ltd Source Code Security weakness analysis tool Korea
CWE Compatible
CodeAnt ValiantSec Technology Co.,Ltd SCA and Development security China
CWE Compatible
CodeArts Check Hangzhou Huawei Cloud Computing Technologies Co., Ltd CodeArts Check/Code static analysis/SAST(Static Application Security Testing) China
CWE Compatible
CodePeer AdaCore Automated Code Review and Validation Tool United States
CWE Compatible
CodeScroll Code Inspector Suresoft Technologies Inc. Code-Based Auto Inspection Tool Korea
CWE Compatible
CodeScroll SNIPER Suresoft Technologies Inc. Static Code Analysis Tool Korea
CWE Compatible
CodeScroll STATIC Suresoft Technologies Inc. Web-based Static Code Analysis Tool Korea
CWE Compatible
CodeSec SecZone Statically Apply Security Tool China
CWE Compatible
CodeSense ValiantSec Technology Co.,Ltd SAST China
CWE Compatible
CodeSonar GrammaTech, Inc. Static Analysis Tool United States
CWE Compatible
Conviso Security Compliance (CSC) Conviso Application Security Vulnerability Identification and Management Brazil
CWE Compatible
Corax Shanghai Feiyu Technology Co.,Ltd. Static Application Security Testing China
CWE Compatible
Coverity Synopsys Inc. Static Application Security Testing United States
CWE Compatible
Cr0security Certified Security Testing Cr0security Professional Security Testing Certification Indonesia
CWE Compatible
Cr0security Penetration Testing and Consultant Services Cr0security Network Penetration Testing and Vulnerability Assessment Services Indonesia
CWE Compatible
Cybellum Product Security Platform Cybellum Engine that can detect violation of CWEs in dinary files, on the assembly level. Israel
CWE Compatible
DerScanner DerSecur Ltd. SAST tool Israel
CWE Compatible
dotTEST Parasoft Corporation Static Code Analysis United States
CWE Compatible
Flawfinder David A. Wheeler Assessment Tool United States
CWE Compatible
FOSSCheck Suzhou Lengjingqicai Information Technology Co.,Ltd Software Composition Analysis Tool China
CWE Compatible
FossEye Suzhou Lengjingqicai Information Technology Co.,Ltd Open source security and compliance governance Tool China
CWE Compatible
High-Tech Bridge Security Advisories High-Tech Bridge SA Database/Knowledge Repository Based upon High-Tech Bridge's Proprietary Research Switzerland
CWE Compatible
IBM Security AppScan Standard IBM Security Systems Web Application Security Assessment Scanner United States
CWE Compatible
Imagix 4D, with Checklist for CWE Imagix Corporation Static Analysis and Change Review Tool United States
CWE Compatible
ImmuniWeb High-Tech Bridge SA SaaS Web Application Vulnerability Assessment Service Switzerland
CWE Compatible
IriusRisk IriusRisk SaaS Enterprise Threat Modeling platform United States
CWE Compatible
Jtest Parasoft Corporation Static Code Analysis United States
CWE Compatible
Julia Julia S.R.L. Static Program Analysis Tool Italy
CWE Compatible
Kiuwan Application Security platform Kiuwan Software S.L SaaS Enterprise Software Analytics Platform - Local Static Code Analysis with Emphasis on Security Spain
CWE Compatible
Klocwork Insight Klocwork, Inc. Assessment and Remediation Tool Canada
CWE Compatible
LDRA Testbed LDRA Static and Dynamic Software Analysis Tool Suite United Kingdom
CWE Compatible
LDRArules LDRA Static Analysis Tool and Coding Rules Checker United Kingdom
CWE Compatible
Lucent Sky Application Vulnerability Mitigation (AVM) Lucent Sky Corporation Application Vulnerability Mitigation United States
CWE Compatible
Micro Focus Application Defender Micro Focus Fortify Real-Time Detection and Prevention of Attacks United States
CWE Compatible
Micro Focus Fortify On Demand Micro Focus Fortify Static and Dynamic Analysis and Results Reporting Service United States
CWE Compatible
Micro Focus Software Security Center Micro Focus Fortify Results Reporting United States
CWE Compatible
Micro Focus Static Code Analyzer Micro Focus Fortify Static Analysis and Results Reporting United States
CWE Compatible
Micro Focus WebInspect Micro Focus Fortify Dynamic Analysis Web Application Security Assessment Tool United States
CWE Compatible
NaiveSystems Analyze Naive Systems Ltd. Static Analysis Tool and Coding Rules Checker China
CWE Compatible
Oversecured Oversecured Inc A SaaS-based mobile app vulnerability scanner United States
CWE Compatible
PC-lint Plus Vector Informatik GmbH C/C++ Static Code Analysis Germany
CWE Compatible
Polyspace Bug Finder MathWorks, Inc. Static Analysis Tool and Coding Rules Checker France
CWE Compatible
QA*C - CWE Compliance Module for C Programming Language Programming Research, Inc. Static Analysis of C code with advanced Data-flow/Control-flow/Cross-project and Multilanguage capabilities United States
CWE Compatible
QI-ANXIN Codesafe QI-ANXIN Technology Group Inc. Assessment Tool China
CWE Compatible
QI-ANXIN OSS Security QI-ANXIN Technology Group Inc. Assessment Tool China
CWE Compatible
Red Hat Customer Portal Red Hat, Inc. Customer Assessment Service United States
CWE Compatible
RedRocket SAST Beijing RedRocket Technology Co., Ltd Static Analysis Tool China
CWE Compatible
RedRocket SCA Beijing RedRocket Technology Co., Ltd Software Composition Analysis Tool China
CWE Compatible
RESORT Code Analysis Soft4Soft Co., Ltd. Static Analysis Tool and Coding Rules Checker Korea
CWE Compatible
Secidea SCAP2000 Shenzhen Secidea Network Security Technology Co., Ltd Static Application Security Testing China
CWE Compatible
Security-Database Web Services Security-Database Web Services France
CWE Compatible
SecurityPrism GTONE Co., Ltd. Semantic Based Static Application Security Testing Tool Korea
CWE Compatible
Seeker Interactive Application Security Testing (IAST) Synopsys Inc. Interactive Application Security Testing United States
CWE Compatible
SFuzz SecZone SFuzz China
CWE Compatible
SoftSec SCA Software Security TOOL China
CWE Compatible
Software Assurance Reference Dataset (SARD) National Institute of Standards and Technology (NIST) Web-based Software Security Assurance Application United States
CWE Compatible
SonarQube platform with C/C++ plugin SonarSource SA Continuous Inspection, Trending, and Code Quality Management Platform Switzerland
CWE Compatible
SonarQube platform with Java plugin SonarSource SA Continuous Inspection, Trending, and Code Quality Management Platform Switzerland
CWE Compatible
SonarQube platform with Objective-C plugin SonarSource SA Continuous Inspection, Trending, and Code Quality Management Platform Switzerland
CWE Compatible
SourceCheck SecZone Open Source Component Security and Compliance Management Platform China
CWE Compatible
SPARK Pro AdaCore Product United States
CWE Compatible
SPARROW Sparrow Co., Ltd. Semantic-Based Static Program Analysis Tool Korea
CWE Compatible
Static Reviewer Security Reviewer Static Application Security Testing (SAST)- Security, Dead Code & Best Practices Italy
CWE Compatible
Swift Fuzzer Testing Tool GYSecurity Technology Co., Ltd Assessment and Remediation Tool China
CWE Compatible
TBvision LDRA Static Analysis Tool and Coding Rules Checker United Kingdom
CWE Compatible
ThreadFix Denim Group, Ltd Open Source Vulnerability Management Tool United States
CWE Compatible
Tsmart Static Analyzer School of Software, Tsinghua University Static Analysis Tool P.R. China
CWE Compatible
UniSCA ValiantSec Technology Co.,Ltd SCA and Development security China
CWE Compatible
USTCHCS high confidence software analysis tool suite Anhui USTC-Guochuang High-Confidence Software Co.,Ltd Static Analysis Tool and Coding Rules Checker China
CWE Compatible
Vackbot Beijing Moyunsec Technology Co.,Ltd CART (Continuous Automated Red Teaming) + BAS (Breach and Attack Simulation) China
CWE Compatible
VackScan Beijing Moyunsec Technology Co.,Ltd Vulnerability scanning China
CWE Compatible
Veracode Analytics Veracode, Inc. SAST, DAST, Manual Penetration Testing United States
CWE Compatible
Veracode Dynamic Analysis Veracode, Inc. SAST, DAST, Manual Penetration Testing United States
CWE Compatible
Veracode Manual Testing Veracode, Inc. SAST, DAST, Manual Penetration Testing United States
CWE Compatible
Veracode Static Analysis Veracode, Inc. SAST, DAST, Manual Penetration Testing United States
CWE Compatible
vFeed API and Vulnerability Database Community ToolsWatch Open Source Correlated and Cross-Linked Vulnerability XML Vulnerability Database France
CWE Compatible
VulHunter SecZone Interactive Application Security Testing Platform China
CWE Compatible
Vulinsight supply chain risk intelligence platform Beijing Vulinsight Technology Co., Ltd Vulnerability knowledge base system China
CWE Compatible
WebLayers Center Security Policy Library WebLayers, Inc. Software Development Lifecycle (SDLC) Governance United States
CWE Compatible
World Laboratory of Bugtraq (WLB) 2 CXSecurity Vulnerability Database Poland
CWE Compatible
WuKong SAST Beijing ZHONGKE TIANQI Information Technology Co.,Ltd. SAST(Static Application Security Testing) China
CWE Compatible
Xcheck OSS threat management platform Beijing Anpro Information Technology Co. LTD Assessment and Remediation Tool China
CWE Compatible
Xcheck Software Composition Analysis Platform Beijing Anpro Information Technology Co. LTD Assessment and Remediation Tool China
CWE Compatible
Xfuse ASOC Agile Security Platform Beijing Anpro Information Technology Co. LTD Software Development Practices China
CWE Compatible
Xfuse CARTA SDLC Empower ment Platform Beijing Anpro Information Technology Co. LTD Software Development Practices China
CWE Compatible
Xmaze AI Pen-Testing Extension Beijing Anpro Information Technology Co. LTD Assessment and Remediation Tool China
CWE Compatible
Xmaze Breach and Attack Simulation Platform Beijing Anpro Information Technology Co. LTD Assessment and Remediation Tool China
CWE Compatible
Xmaze IAST security testing platform Beijing Anpro Information Technology Co. LTD Assessment and Remediation Tool China
CWE Compatible
Xmaze Static Application Security Testing Platform Beijing Anpro Information Technology Co. LTD Assessment and Remediation Tool China
CWE Compatible
Xmaze Threat Modeling Automation Platform Beijing Anpro Information Technology Co. LTD Assessment and Remediation Tool China
CWE Compatible
Xshark RASP Self-Adaptive Threat Immunity Platform Beijing Anpro Information Technology Co. LTD Application-Level Firewall China
CWE Compatible
Yishi Firmware Supply Chain Security Management System Anban Information Technology Co., Ltd TOOL China
CWE Compatible
ZBG-SAST CodeForce(Beijing)Software Technology Co., Ltd Static Application Security Testing China
CWE Compatible
ZBG-SCA CodeForce(Beijing)Software Technology Co., Ltd Software Composition Analysis China
CWE Compatible
Architectural and Design Risk Management Cigital, Inc. Software Security Architecture and Design Risk Assessment and Management United States
Available
Cenzic Hailstorm Enterprise ARC Cenzic, Inc. Web Application Security Risk Management Platform United States
Available
Cenzic Hailstorm Professional Cenzic, Inc. Web Application Penetration Testing and Vulnerability Management System United States
Available
Certification of Software Lifecycle Personnel ISC2 The International Information Systems Security Certification Consortium Professional Certification United States
Planned
cIFrex CXSecurity Free Security Research Tool Poland
Available
Code Dx Enterprise Edition Code Dx, Inc. Software Vulnerability Assessment Tool United States
Available
Code Dx Standard Edition Code Dx, Inc. Software Vulnerability Assessment Tool United States
Available
CodeSecure Enterprise Armorize Technologies, Inc. Web Application Source Code Analysis Tool United States
Available
CodeSecure Verifier Armorize Technologies, Inc. Web Application Source Code Analysis Suite United States
Available
CodeSecure Workbench Armorize Technologies, Inc. Web Application Source Code Analysis Tool United States
Available
COREvidence NETpeas, SA Cloud-Based, Multi-Engines Vulnerability Management Service France
Planned
Cppcheck CppCheck Development Team A tool for static C/C++ code analysis Ireland
Available
CxCloud Checkmarx Static Code Analysis On Demand Israel
Available
CxEnteprise Checkmarx Static Code Analysis On Premise Israel
Available
CxSuite Checkmarx Static Application Security Testing/Application Security Code Review Israel
Available
DEFENSICS X Codenomicon Ltd. Fuzz Testing Tool with Integrated Capability to Report CWE Identifiers and Descriptions for Found Vulnerabilities Finland
Available
EMC Product Security Policy (PSP) EMC Corporation and RSA (The Security Division of EMC) Enterprise Policy for Secure Product Development United States
Available
EMC Security Development Lifecycle (SDL) EMC Corporation and RSA (The Security Division of EMC) Enterprise Secure Development Lifecycle United States
Available
EMC Vulnerability Response Policy (VRP) EMC Corporation and RSA (The Security Division of EMC) Enterprise Response Policy for Product Vulnerabilities United States
Available
IBM Security AppScan Enterprise IBM Security Systems Enterprise Web Application Security Assessment Tool United States
Planned
IBM Security AppScan Source IBM Security Systems Source Code Testing Tool United States
Available
JVN iPedia Information-technology Promotion Agency, Japan (IPA) Vulnerability Countermeasure Information Database Japan
Available
MyJVN Information-technology Promotion Agency, Japan (IPA) Filtered Vulnerability Countermeasure Information Tool Japan
Available
PVS-Studio C/C++/C# static code analyzer OOO "Program Verification Systems" (Co Ltd) Static code analyzer Russia
Available
SDElements SD Elements Secure Application Lifecycle Management (SALM) Tool United States
Available
Secure Code Review Astyran Pte Ltd. Secure Code Review Singapore
Available
Secure Code Review with Automated Tools Cigital, Inc. Security Code Assessment United States
Available
Secure Design Review Astyran Pte Ltd. Secure Design Review Singapore
Available
Secure programming class, CS390S CERIAS/Purdue University Secure Programming Class and Publicly Available Teaching Materials United States
Available
Security Training and Awareness (various courses) Cigital, Inc. Software Security Training and Awareness Courses United States
Available
SecurityAlert SecurityReason Web Application Security Risk Management Platform Poland
Available
SofCheck Inspector for Ada SofCheck Inc. Static Analysis and Fault Detection Tool United States
Available
Software Assurance Assessment KDM Analytics Software Assurance Assessment Service United States
Available
Symantec Product Security Symantec Corporation Symmunize (Symantec's Secure Development Lifecycle Process) United States
Available
Tool Output Integration Framework (TOIF) KDM Analytics Open Source Vulnerability Detection Platform United States
Available
Web Application Vulnerability Assessment Astyran Pte Ltd. Application Vulnerability Assessment Singapore
Available
Zed Attack Proxy (ZAP) Open Web Application Security Project (OWASP) Integrated Penetration Testing Tool for Finding Vulnerabilities in Web Applications United Kingdom
Planned
EC-Council Certified Secure Programmer EC-Council Secure Programmer Certification Program United States
Planned
QA*CPP - CWE Compliance Module for C++ Programming Language Programming Research, Inc. Source Code Static Analysis Product Suite United States
Planned
Rational AppScan Tester Edition IBM Rational Development-Time Web Application Security Testing Tool United States
Planned
Secure Application Development Training Courses SkillBridge, LLC Instructor Led Training United States
Planned
Secure Programming Exams/Assessments SANS Institute Professional Secure Programming Examination United States
Planned

CWE Coverage

Product (143) Organization (84) Type Country (20) Status
Ambionics Security Ambionics Security Security Service France
CWE Compatible
Astrée AbsInt Angewandte Informatik GmbH Static Analysis Tool and Coding Rules Checker Germany
CWE Compatible
BigLook Evenstar Code verification tool for ensuring source code compliance with domestic and international code seucrity guidelines. Korea
CWE Compatible
BinSearch ValiantSec Technology Co.,Ltd SCA China
CWE Compatible
C/C++test Parasoft Corporation Static Code Analysis United States
CWE Compatible
CAST Application Intelligence Platform CAST Automated Application Assessment Platform France
CWE Compatible
Checkmarx Static application security testing (SAST) Checkmarx Static application security testing engine - available both as an on-premises application or in the cloud as part of the Checkmarx One application security suite. Israel
CWE Compatible
COBOT Beijing Beida Software Engineering Development Co., Ltd. Program Static Analysis Tool P.R. China
CWE Compatible
COBOT-SCA Beijing Beida Software Engineering Development Co., Ltd. Software Composition And Vulnerability Analysis P.R. China
CWE Compatible
Code Check Hangzhou Huawei Cloud Computing Technologies Co., Ltd CodeCheck/Code static analysis/ SAST(Static Application Security Testing) China
CWE Compatible
CODE-RAY TRINITYSOFT Co., Ltd Source Code Security weakness analysis tool Korea
CWE Compatible
CodeAnt ValiantSec Technology Co.,Ltd SCA and Development security China
CWE Compatible
CodeArts Check Hangzhou Huawei Cloud Computing Technologies Co., Ltd CodeArts Check/Code static analysis/SAST(Static Application Security Testing) China
CWE Compatible
CodePeer AdaCore Automated Code Review and Validation Tool United States
CWE Compatible
CodeScroll Code Inspector Suresoft Technologies Inc. Code-Based Auto Inspection Tool Korea
CWE Compatible
CodeScroll SNIPER Suresoft Technologies Inc. Static Code Analysis Tool Korea
CWE Compatible
CodeScroll STATIC Suresoft Technologies Inc. Web-based Static Code Analysis Tool Korea
CWE Compatible
CodeSec SecZone Statically Apply Security Tool China
CWE Compatible
CodeSense ValiantSec Technology Co.,Ltd SAST China
CWE Compatible
CodeSonar GrammaTech, Inc. Static Analysis Tool United States
CWE Compatible
Conviso Security Compliance (CSC) Conviso Application Security Vulnerability Identification and Management Brazil
CWE Compatible
Corax Shanghai Feiyu Technology Co.,Ltd. Static Application Security Testing China
CWE Compatible
Coverity Synopsys Inc. Static Application Security Testing United States
CWE Compatible
Cr0security Certified Security Testing Cr0security Professional Security Testing Certification Indonesia
CWE Compatible
Cr0security Penetration Testing and Consultant Services Cr0security Network Penetration Testing and Vulnerability Assessment Services Indonesia
CWE Compatible
Cybellum Product Security Platform Cybellum Engine that can detect violation of CWEs in dinary files, on the assembly level. Israel
CWE Compatible
DerScanner DerSecur Ltd. SAST tool Israel
CWE Compatible
dotTEST Parasoft Corporation Static Code Analysis United States
CWE Compatible
Flawfinder David A. Wheeler Assessment Tool United States
CWE Compatible
FOSSCheck Suzhou Lengjingqicai Information Technology Co.,Ltd Software Composition Analysis Tool China
CWE Compatible
FossEye Suzhou Lengjingqicai Information Technology Co.,Ltd Open source security and compliance governance Tool China
CWE Compatible
High-Tech Bridge Security Advisories High-Tech Bridge SA Database/Knowledge Repository Based upon High-Tech Bridge's Proprietary Research Switzerland
CWE Compatible
IBM Security AppScan Standard IBM Security Systems Web Application Security Assessment Scanner United States
CWE Compatible
Imagix 4D, with Checklist for CWE Imagix Corporation Static Analysis and Change Review Tool United States
CWE Compatible
ImmuniWeb High-Tech Bridge SA SaaS Web Application Vulnerability Assessment Service Switzerland
CWE Compatible
IriusRisk IriusRisk SaaS Enterprise Threat Modeling platform United States
CWE Compatible
Jtest Parasoft Corporation Static Code Analysis United States
CWE Compatible
Julia Julia S.R.L. Static Program Analysis Tool Italy
CWE Compatible
Kiuwan Application Security platform Kiuwan Software S.L SaaS Enterprise Software Analytics Platform - Local Static Code Analysis with Emphasis on Security Spain
CWE Compatible
Klocwork Insight Klocwork, Inc. Assessment and Remediation Tool Canada
CWE Compatible
LDRA Testbed LDRA Static and Dynamic Software Analysis Tool Suite United Kingdom
CWE Compatible
LDRArules LDRA Static Analysis Tool and Coding Rules Checker United Kingdom
CWE Compatible
Lucent Sky Application Vulnerability Mitigation (AVM) Lucent Sky Corporation Application Vulnerability Mitigation United States
CWE Compatible
Micro Focus Application Defender Micro Focus Fortify Real-Time Detection and Prevention of Attacks United States
CWE Compatible
Micro Focus Fortify On Demand Micro Focus Fortify Static and Dynamic Analysis and Results Reporting Service United States
CWE Compatible
Micro Focus Software Security Center Micro Focus Fortify Results Reporting United States
CWE Compatible
Micro Focus Static Code Analyzer Micro Focus Fortify Static Analysis and Results Reporting United States
CWE Compatible
Micro Focus WebInspect Micro Focus Fortify Dynamic Analysis Web Application Security Assessment Tool United States
CWE Compatible
NaiveSystems Analyze Naive Systems Ltd. Static Analysis Tool and Coding Rules Checker China
CWE Compatible
Oversecured Oversecured Inc A SaaS-based mobile app vulnerability scanner United States
CWE Compatible
PC-lint Plus Vector Informatik GmbH C/C++ Static Code Analysis Germany
CWE Compatible
Polyspace Bug Finder MathWorks, Inc. Static Analysis Tool and Coding Rules Checker France
CWE Compatible
QA*C - CWE Compliance Module for C Programming Language Programming Research, Inc. Static Analysis of C code with advanced Data-flow/Control-flow/Cross-project and Multilanguage capabilities United States
CWE Compatible
QI-ANXIN Codesafe QI-ANXIN Technology Group Inc. Assessment Tool China
CWE Compatible
QI-ANXIN OSS Security QI-ANXIN Technology Group Inc. Assessment Tool China
CWE Compatible
Red Hat Customer Portal Red Hat, Inc. Customer Assessment Service United States
CWE Compatible
RedRocket SAST Beijing RedRocket Technology Co., Ltd Static Analysis Tool China
CWE Compatible
RedRocket SCA Beijing RedRocket Technology Co., Ltd Software Composition Analysis Tool China
CWE Compatible
RESORT Code Analysis Soft4Soft Co., Ltd. Static Analysis Tool and Coding Rules Checker Korea
CWE Compatible
Secidea SCAP2000 Shenzhen Secidea Network Security Technology Co., Ltd Static Application Security Testing China
CWE Compatible
Security-Database Web Services Security-Database Web Services France
CWE Compatible
SecurityPrism GTONE Co., Ltd. Semantic Based Static Application Security Testing Tool Korea
CWE Compatible
Seeker Interactive Application Security Testing (IAST) Synopsys Inc. Interactive Application Security Testing United States
CWE Compatible
SFuzz SecZone SFuzz China
CWE Compatible
SoftSec SCA Software Security TOOL China
CWE Compatible
Software Assurance Reference Dataset (SARD) National Institute of Standards and Technology (NIST) Web-based Software Security Assurance Application United States
CWE Compatible
SonarQube platform with C/C++ plugin SonarSource SA Continuous Inspection, Trending, and Code Quality Management Platform Switzerland
CWE Compatible
SonarQube platform with Java plugin SonarSource SA Continuous Inspection, Trending, and Code Quality Management Platform Switzerland
CWE Compatible
SonarQube platform with Objective-C plugin SonarSource SA Continuous Inspection, Trending, and Code Quality Management Platform Switzerland
CWE Compatible
SourceCheck SecZone Open Source Component Security and Compliance Management Platform China
CWE Compatible
SPARK Pro AdaCore Product United States
CWE Compatible
SPARROW Sparrow Co., Ltd. Semantic-Based Static Program Analysis Tool Korea
CWE Compatible
Static Reviewer Security Reviewer Static Application Security Testing (SAST)- Security, Dead Code & Best Practices Italy
CWE Compatible
Swift Fuzzer Testing Tool GYSecurity Technology Co., Ltd Assessment and Remediation Tool China
CWE Compatible
TBvision LDRA Static Analysis Tool and Coding Rules Checker United Kingdom
CWE Compatible
ThreadFix Denim Group, Ltd Open Source Vulnerability Management Tool United States
CWE Compatible
Tsmart Static Analyzer School of Software, Tsinghua University Static Analysis Tool P.R. China
CWE Compatible
UniSCA ValiantSec Technology Co.,Ltd SCA and Development security China
CWE Compatible
USTCHCS high confidence software analysis tool suite Anhui USTC-Guochuang High-Confidence Software Co.,Ltd Static Analysis Tool and Coding Rules Checker China
CWE Compatible
Vackbot Beijing Moyunsec Technology Co.,Ltd CART (Continuous Automated Red Teaming) + BAS (Breach and Attack Simulation) China
CWE Compatible
VackScan Beijing Moyunsec Technology Co.,Ltd Vulnerability scanning China
CWE Compatible
Veracode Analytics Veracode, Inc. SAST, DAST, Manual Penetration Testing United States
CWE Compatible
Veracode Dynamic Analysis Veracode, Inc. SAST, DAST, Manual Penetration Testing United States
CWE Compatible
Veracode Manual Testing Veracode, Inc. SAST, DAST, Manual Penetration Testing United States
CWE Compatible
Veracode Static Analysis Veracode, Inc. SAST, DAST, Manual Penetration Testing United States
CWE Compatible
vFeed API and Vulnerability Database Community ToolsWatch Open Source Correlated and Cross-Linked Vulnerability XML Vulnerability Database France
CWE Compatible
VulHunter SecZone Interactive Application Security Testing Platform China
CWE Compatible
Vulinsight supply chain risk intelligence platform Beijing Vulinsight Technology Co., Ltd Vulnerability knowledge base system China
CWE Compatible
WebLayers Center Security Policy Library WebLayers, Inc. Software Development Lifecycle (SDLC) Governance United States
CWE Compatible
World Laboratory of Bugtraq (WLB) 2 CXSecurity Vulnerability Database Poland
CWE Compatible
WuKong SAST Beijing ZHONGKE TIANQI Information Technology Co.,Ltd. SAST(Static Application Security Testing) China
CWE Compatible
Xcheck OSS threat management platform Beijing Anpro Information Technology Co. LTD Assessment and Remediation Tool China
CWE Compatible
Xcheck Software Composition Analysis Platform Beijing Anpro Information Technology Co. LTD Assessment and Remediation Tool China
CWE Compatible
Xfuse ASOC Agile Security Platform Beijing Anpro Information Technology Co. LTD Software Development Practices China
CWE Compatible
Xfuse CARTA SDLC Empower ment Platform Beijing Anpro Information Technology Co. LTD Software Development Practices China
CWE Compatible
Xmaze AI Pen-Testing Extension Beijing Anpro Information Technology Co. LTD Assessment and Remediation Tool China
CWE Compatible
Xmaze Breach and Attack Simulation Platform Beijing Anpro Information Technology Co. LTD Assessment and Remediation Tool China
CWE Compatible
Xmaze IAST security testing platform Beijing Anpro Information Technology Co. LTD Assessment and Remediation Tool China
CWE Compatible
Xmaze Static Application Security Testing Platform Beijing Anpro Information Technology Co. LTD Assessment and Remediation Tool China
CWE Compatible
Xmaze Threat Modeling Automation Platform Beijing Anpro Information Technology Co. LTD Assessment and Remediation Tool China
CWE Compatible
Xshark RASP Self-Adaptive Threat Immunity Platform Beijing Anpro Information Technology Co. LTD Application-Level Firewall China
CWE Compatible
Yishi Firmware Supply Chain Security Management System Anban Information Technology Co., Ltd TOOL China
CWE Compatible
ZBG-SAST CodeForce(Beijing)Software Technology Co., Ltd Static Application Security Testing China
CWE Compatible
ZBG-SCA CodeForce(Beijing)Software Technology Co., Ltd Software Composition Analysis China
CWE Compatible
Architectural and Design Risk Management Cigital, Inc. Software Security Architecture and Design Risk Assessment and Management United States
Planned
Cenzic Hailstorm Enterprise ARC Cenzic, Inc. Web Application Security Risk Management Platform United States
Available
Cenzic Hailstorm Professional Cenzic, Inc. Web Application Penetration Testing and Vulnerability Management System United States
Available
Certification of Software Lifecycle Personnel ISC2 The International Information Systems Security Certification Consortium Professional Certification United States
Planned
cIFrex CXSecurity Free Security Research Tool Poland
Available
Code Dx Enterprise Edition Code Dx, Inc. Software Vulnerability Assessment Tool United States
Planned
Code Dx Standard Edition Code Dx, Inc. Software Vulnerability Assessment Tool United States
Planned
CodeSecure Enterprise Armorize Technologies, Inc. Web Application Source Code Analysis Tool United States
Available
CodeSecure Verifier Armorize Technologies, Inc. Web Application Source Code Analysis Suite United States
Available
CodeSecure Workbench Armorize Technologies, Inc. Web Application Source Code Analysis Tool United States
Available
COREvidence NETpeas, SA Cloud-Based, Multi-Engines Vulnerability Management Service France
Available
Cppcheck CppCheck Development Team A tool for static C/C++ code analysis Ireland
Planned
CxCloud Checkmarx Static Code Analysis On Demand Israel
Available
CxEnteprise Checkmarx Static Code Analysis On Premise Israel
Available
CxSuite Checkmarx Static Application Security Testing/Application Security Code Review Israel
Available
DEFENSICS X Codenomicon Ltd. Fuzz Testing Tool with Integrated Capability to Report CWE Identifiers and Descriptions for Found Vulnerabilities Finland
Planned
IBM Security AppScan Enterprise IBM Security Systems Enterprise Web Application Security Assessment Tool United States
Planned
IBM Security AppScan Source IBM Security Systems Source Code Testing Tool United States
Available
JVN iPedia Information-technology Promotion Agency, Japan (IPA) Vulnerability Countermeasure Information Database Japan
Available
MyJVN Information-technology Promotion Agency, Japan (IPA) Filtered Vulnerability Countermeasure Information Tool Japan
Available
PVS-Studio C/C++/C# static code analyzer OOO "Program Verification Systems" (Co Ltd) Static code analyzer Russia
Planned
SDElements SD Elements Secure Application Lifecycle Management (SALM) Tool United States
Available
Secure Code Review Astyran Pte Ltd. Secure Code Review Singapore
Planned
Secure Code Review with Automated Tools Cigital, Inc. Security Code Assessment United States
Planned
Secure Design Review Astyran Pte Ltd. Secure Design Review Singapore
Planned
Secure Development Lifecycle Apple, Inc. Secure Development Lifecycle United States
Available
Secure programming class, CS390S CERIAS/Purdue University Secure Programming Class and Publicly Available Teaching Materials United States
Planned
Security Training and Awareness (various courses) Cigital, Inc. Software Security Training and Awareness Courses United States
Planned
SecurityAlert SecurityReason Web Application Security Risk Management Platform Poland
Available
SofCheck Inspector for Ada SofCheck Inc. Static Analysis and Fault Detection Tool United States
Planned
Software Assurance Assessment KDM Analytics Software Assurance Assessment Service United States
Planned
Tool Output Integration Framework (TOIF) KDM Analytics Open Source Vulnerability Detection Platform United States
Available
Web Application Vulnerability Assessment Astyran Pte Ltd. Application Vulnerability Assessment Singapore
Available
Zed Attack Proxy (ZAP) Open Web Application Security Project (OWASP) Integrated Penetration Testing Tool for Finding Vulnerabilities in Web Applications United Kingdom
Available
QA*CPP - CWE Compliance Module for C++ Programming Language Programming Research, Inc. Source Code Static Analysis Product Suite United States
Planned
Rational AppScan Tester Edition IBM Rational Development-Time Web Application Security Testing Tool United States
Planned
Secure Application Development Training Courses SkillBridge, LLC Instructor Led Training United States
Planned
Secure Programming Exams/Assessments SANS Institute Professional Secure Programming Examination United States
Planned
Page Last Updated: June 03, 2024