Fortify Static Code Analyzer

Static Application Security Testing

Deliver secure software fast. Find security issues early in the development cycle and fix at the speed of DevOps.

Try Fortify Static Code Analyzer with a Fortify on Demand free trial.

Screen code
Industry-leading programming language support

Scan source code written in developers’ preferred programming languages. Support for 25 languages including Java, C#, C, C++. Swift, PHP.

Mobile 3
Find more, fix easier and build better apps

Trust your software with the best results: Find more issues, fewer false positives, and get better information, analysis, and remediation guidance.

Time forward
Get results in minutes

Accelerate DevOps with scan results in minutes. Remove the need for partial or incremental scans which can miss critical issues.

"We integrate with that"

Work with what developers use! Integrations such as IDEs, build tools, code repositories, bug tracking, ticketing systems and an extensible API make appsec easier than ever before.

Certificate 1
Industry-leading research and support

Powered by the biggest dedicated application security research team. Detect 763 unique categories of vulnerabilities across 25 programming languages and over 911,000 unique APIs.

Block based replication
Available on-premise, as a service or in hybrid

Start on-premise or as a service and expand according to your business needs. Manage on-premise and as a service program centrally.


Application Security Research Update 2018

Fortify’s Software Security Research team found that 1 out of 2 apps had critical or high vulnerabilities not covered by the OWASP Top 10 2017.

release-rel-2019-9-1-2561 | Tue Sep 3 14:32:10 PDT 2019
Tue Sep 3 14:32:10 PDT 2019