0 Replies Latest reply: Mar 20, 2013 5:21 PM by VladK

    Open Source Java Code Vulnerability Tool

    VladK
      Hello,

      We are looking for a product that would scan our Java application and identify all known published open-source code vulnerabilities.

      I found one such tool, and we are in the process of evaluating it:
      Sonatype Application Health Check
      http://www.sonatype.com/Products/Application-Health-Check


      Another, more expensive product is HP Fortify:
      http://www8.hp.com/us/en/software-solutions/software.html?compURI=1337262


      I wanted to reach out to the community to see if anyone has used any such product.


      Thanks,
      Vlad