Klocwork
Klocwork是可用于C、C++、C#、Java 和 JavaScript的静态代码分析和静态应用程序安全测试(SAST)工具,可识别App安全性、质量和可靠性问题,帮助代码规范的实行。
Klocwork 专为企业 DevOps 和 DevSecOps 构建,可扩展到任何规模的项目,可与大型复杂环境、各类开发工具集成,并为整个企业提供控制、协作和报告。Klocwork已经成为各行业优选的静态代码分析工具,可在保持高开发效率的同时确保代码安全和质量。
符合安全标准:CWE、OWASP、CERT、PCI DSS、DISA STIG和ISO/IEC TS 17961。
Klocwork static code analysis and SAST tool for C, C++, C#, Java, and JavaScript identifies software security, quality, and reliability issues helping to enforce compliance with standards.
Built for enterprise DevOps and DevSecOps, Klocwork scales to projects of any size, integrates with large complex environments, a wide range of developer tools, and provides control, collaboration, and reporting for the entire enterprise. This has made Klocwork the preferred static analyzer that keeps development velocity high while enforcing continuous compliance for security and quality.
Security Standards: CWE, OWASP, CERT, PCI DSS, DISA STIG, and ISO/IEC TS 17961.