Best Static Code Analysis Software

Static code analysis is the analysis of computer software performed without actually executing the code. Static code analysis software scans all code in a project, seeks out vulnerabilities, and validates code against industry best practices; some tools also validate against company-specific project specifications. Software development and quality assurance teams use static code analysis software to ensure the quality and security of code and to confirm that project requirements are met. Static code analysis is a type of source code management and can integrate with version control systems and, via build automation tasks, with continuous integration software.

To qualify as a static code analysis system, a product must:

  • Scan code without executing that code
  • List security vulnerabilities after scanning
  • Validate code against industry best practices
  • Provide recommendations on where and how to fix issues

Static Code Analysis Software Grid® Overview

The best Static Code Analysis Software products are determined by customer satisfaction (based on user reviews) and scale (based on market share, vendor size, and social impact) and placed into four categories on the Grid®:
  • Products in the Leader quadrant are rated highly by G2 Crowd users and have substantial Market Presence scores. Leaders include: ReSharper, PyCharm, and Coverity
  • High Performers are highly rated by their users, but have not yet achieved the market share and scale of the Leaders. High Performers include: SonarQube
  • Contenders have significant Market Presence and resources, but have received below-average user Satisfaction ratings or have not yet received a sufficient number of reviews to validate the solution. Contenders include: Checkmarx, Black Duck, and Micro Focus Fortify
  • Niche solutions do not have the Market Presence of the Leaders. They may have been rated positively on customer Satisfaction, but have not yet received enough reviews to validate them. Niche products include: WhiteSource Software and JSHint

[Figure: G2 Crowd Grid® for Static Code Analysis. Quadrants: Leaders, High Performers, Contenders, Niche. Axes: Market Presence and Satisfaction.]
