Your browser is not supported

For the best experience, use Google Chrome or Mozilla Firefox.


Fortify Static Code Analyzer

Build secure software fast. Find security issues early and fix at the speed of DevOps.

Developer-driven static application security testing

Developers find and fix security defects in real-time during the coding process, with integrations to IDEs
such as Eclipse or Visual Studio. Gamified training supports developers' ability to create secure code.

bg bg

Cover languages that developers use

Support for 27 major languages and their frameworks, with agile updates backed by the industry-leading Fortify Software Security Research team. Enable compliance with broad vulnerability coverage, including 810 vulnerability categories for SAST (Static Application Security Testing) that enable compliance with standards such as OWASP Top 10, CWE/SANS Top 25, DISA STIG, and PCI DSS.

bg bg

Automate security within your CI/CD pipeline

Automate security in the CI/CD pipeline with Swagger-supported RESTful APIs; GitHub repository; plugins for Bamboo, Visual Studio Team Services, and Jenkins; and integration with open source component analysis tools. Software Security Center enables organizations to automate all aspects of an application security program.

bg bg

Fix at the speed of DevOps

Drill into source code details with our rich analysis results, enabling you to quickly triage and fix complex security issues. Audit Assistant reduces manual audit time by removing up to 90% of false positives with machine learning-assisted auditing.

Audit Workbench enables rich analysis and automated triage.

bg bg

Scale your AppSec program

ScanCentral enables scaling with a static analysis farm that can meet the changing demands of the CI/CD pipeline.

Scan with flexible deployment. Fortify SAST is available on premises, as a service, or in hybrid mode to fit your business needs. Start quickly and expand your AppSec program centrally.

bg bg

Peer Reviews

"Fortify Static Code Analyzer is truly one of the best I know. It helps in submitting my codes while running it in a smoothly and accurately in the background. It scans our code for bug, vulnerabilities and threats detection."
"Fortify Static Code Analyzer is an excellent product to automate the security code analysis."
"This product provides detailed feedbacks about the security vulnerability and suggests the recommendation to address this."

Related Resources

Related Products



Fortify helps you build secure software fast.


Fortify on Demand

Application security-as-a-service with security testing and vulnerability management.


Fortify Software Security Center

Automate all aspects of your application security program.

Gartner Magic Quadrant for Application Security Testing

Micro Focus maintains its position as a Magic Quadrant Leader for the third consecutive year in the 2020 Magic Quadrant for Application Security Testing.

release-rel-2022-1-2-7091 | Wed Jan 19 20:14:11 PST 2022
Wed Jan 19 20:14:11 PST 2022