February 12, 2025 - When testing for Java web application vulnerabilities, Acunetix AcuSensor reduces false positives even further and increases coverage thanks to the AcuSensor back end crawl technology.

Delvelin is a Code Vulnerability Analyzer for Java and Kotlin that supports best practices in security and risk management. kotlin vulnerability vulnerability-detection vulnerability-scanners security-tools sast whitebox-testing kotlin-test ...

August 3, 2022 - Compare Java scanners for code vulnerabilities. Learn how Dependency-Check, Snyk, Mend, & Finite State perform & the best tool for securing Java apps.

November 20, 2025 - For that reason, I'll show you a different Gradle plugin to scan for vulnerabilities. [ Learn the benefits of modernizing your network in the eBook Network automation for everyone. ] The folks from Sonatype created a Gradle plugin to scan your project called Scan Gradle Plugin, which is baked in by the OSS Index catalog. By now, you can probably see where this is going. By having this check within your Java compilation toolset, your continuous integration tool can run this scan every time the code changes, reporting any anomalies back to you before the code is deployed into production.

Scan your code and get fix advice in your favorite IDEs, including JetBrains, Eclipse, and VS Code. Snyk automatically scans your projects for vulnerabilities and provides CVE analysis.

Contrast CodeSec - Scan & Serverless - Web App and API code scanners via command line or through GitHub actions. CodeSec - Scan supports Java, JavaScript and .NET, while CodeSec - Serverless supports AWS Lambda Functions (Java + Python).

Source code analysis tools, also known as Static Application Security Testing (SAST) Tools, can help analyze source code or compiled versions of code to help find security flaws. SAST tools can be added into your IDE. Such tools can help you detect issues during software development. SAST tool feedback can save time and effort, especially when compared to finding vulnerabilities later in the development cycle.

hawkeye - Multi-purpose security/vulnerability/risk scanning tool supporting Ruby, Node.js, Python, PHP and Java. GuardRails - A GitHub App that gives you instant security feedback in your Pull Requests.

August 18, 2023 - Soos provides a deep dependency tree scan for Java open source package vulnerabilities and licenses. Unlimited Projects. Unlimited Users. Unlimited Scans. No credit card is required.

Snyk scans your Java applications for vulnerabilities in real time and provides suggested fix advice for quick remediation. Snyk can identify Java code, open source libraries, and container vulnerabilities.

February 22, 2026 - The JAR Vulnerability Scanner is a free, browser-based tool that lets you upload any Java .jar file and instantly scan it against a live CVE database for known security vulnerabilities — no installation, no CLI, no configuration.

Guide software development, quality control and risk management teams with accurate data Meterian scans your Java, Javascript, .NET, Scala, Ruby, Perl, PHP, Python, NodeJS, Golang, Android/Kotlin, Swift/Objective-C, Elixir, Rust, C/C++, R, Clojure ...

January 8, 2024 - This is where Snyk comes into play, giving developers tools to detect potentially vulnerable code or dependencies automatically. In this article, we’ll explore its features and how they can be used in the context of a Java project.

Detect and fix vulnerable dependencies with the most comprehensive Python, Java, and JavaScript security scanner.

Once you enable the API for a project, Artifact Analysis automatically scans each newly pushed image to Artifact Registry in that project. Artifact Analysis scans new images when they're uploaded to Artifact Registry. This scan extracts information about the packages in the container. You can view vulnerability occurrences for your images in Artifact Registry using the Google Cloud console, Google Cloud CLI, or the Container Analysis API...

August 13, 2024 - One of the most powerful features of Snyk is Snyk Code, a feature specifically designed to analyze your code for security vulnerabilities. Snyk Code supports various programming languages, including Java and Kotlin, making it an ideal choice ...

Continuous improvements and external dependency-aware SAST help uncover deeply hidden vulnerabilities, and custom rule capabilities enable organizations to fine-tune security policies for their code environment. This unmatched precision helps teams focus on real security risks rather than wasting time on spurious alerts. SonarQube offers broad detection and remediation capabilities for over 40 programming languages, including but not limited to Java, JavaScript, TypeScript, Python, PHP, C, C++, and C#. It also provides security scanning for infrastructure as code with support for Terraform, CloudFormation, Azure Resource Manager, Kubernetes, and Ansible.

January 20, 2026 - Xygeni’s dashboard visualizes ... vulnerabilities based on exploitability and reachability metrics. Xygeni offers a unique approach to static code analysis for Java by providing deep contextual insights and a unified application security strategy. This tool is particularly appealing to DevSecOps teams and developers focused on maintaining code integrity and security throughout the software development lifecycle. By aggregating and deduplicating findings from various scanners, Xygeni ensures ...