Apache Maven Integrations

JOpt.TourOptimizer

DNA Evolutions GmbH

JOpt.TourOptimizer is an adaptable component to solve VRP, CVRP, and VRPTW class problems for any route optimization in logistics or similar fields. JOpt.TourOptimizer gives full access to modern optimization strategies and already includes many useful functions and algorithms to model various tour optimization problems. The JOpt.TourOptimizer library is easily integrated into any product. It can be customized to meet special requirements or adapt to the industries’ specific needs in which your software products are used. JOpt.TourOptimizer – enables you to enhance your product or project by seamlessly integrating DNA’s tour and resource optimization engine. It comes as a Java library or in Docker Container utilizing the Spring Framework and Swagger.

8 Ratings

Starting Price: €995

View Software

Visit Website

Parasoft

Parasoft helps organizations continuously deliver high-quality software with its AI-powered software testing platform and automated test solutions. Supporting embedded and enterprise markets, Parasoft’s proven technologies reduce the time, effort, and cost of delivering secure, reliable, and compliant software by integrating everything from deep code analysis and unit testing to UI and API testing, plus service virtualization and complete code coverage, into the delivery pipeline. A powerful unified C and C++ test automation solution for static analysis, unit testing and structural code coverage, Parasoft C/C++test helps satisfy compliance with industry functional safety and security requirements for embedded software systems.

136 Ratings

Starting Price: $35/user/mo

View Software

Visit Website

Snyk

Snyk is the leader in developer security. We empower the world’s developers to build secure applications and equip security teams to meet the demands of the digital world. Our developer-first approach ensures organizations can secure all of the critical components of their applications from code to cloud, leading to increased developer productivity, revenue growth, customer satisfaction, cost savings and an overall improved security posture. Snyk’s Developer Security Platform automatically integrates with a developer’s workflow and is purpose-built for security teams to collaborate with their development teams. Snyk is used by 1,200 customers worldwide today, including industry leaders such as Asurion, Google, Intuit, MongoDB, New Relic, Revolut and Salesforce. Snyk is recognized on the Forbes Cloud 100 2021, the 2021 CNBC Disruptor 50 and was named a Visionary in the 2021 Gartner Magic Quadrant for AST.

1 Rating

Starting Price: $0

View Software

CaimanJ

AmiSystems

CaimanJ is an aircraft maintenance management system designed to streamline the overall maintenance process flow, reducing workload and costs with a strong focus on keeping your fleet safe and efficient. CaimanJ helps all concerned parties in carrying out their duties quickly and efficiently. Chief officers can easily keep under control the entire fleet status with an overview of the fleet availability, in order to assess the fleet's operational capability. At the same time, maintainers can better plan activities based on future needs and maintenance requirements. Technical personnel also benefit from the increasingly efficient workflow, and are able to perform inspection and maintenance activities at their ease, while minimizing the overall impact on the fleet's efficiency. Each part of CaimanJ's interface has been optimized for the specific use case it represents. The interface and the workflow have been developed together with end-users. We know how to best address your needs.

1 Rating

View Software

Contrast Security

Modern software development must match the speed of the business. But the modern AppSec tool soup lacks integration and creates complexity that slows software development life cycles. Contrast simplifies the complexity that impedes today’s development teams. Legacy AppSec employs a one-size-fits-all vulnerability detection and remediation approach that is inefficient and costly. Contrast automatically applies the best analysis and remediation technique, dramatically improving efficiencies and efficacy. Separate AppSec tools create silos that obfuscate the gathering of actionable intelligence across the application attack surface. Contrast delivers centralized observability that is critical to managing risks and capitalizing on operational efﬁciencies, both for security and development teams. Contrast Scan is pipeline native and delivers the speed, accuracy, and integration demanded by modern software development.

Starting Price: $0

View Software

Trino

Trino is a query engine that runs at ludicrous speed. Fast-distributed SQL query engine for big data analytics that helps you explore your data universe. Trino is a highly parallel and distributed query engine, that is built from the ground up for efficient, low-latency analytics. The largest organizations in the world use Trino to query exabyte-scale data lakes and massive data warehouses alike. Supports diverse use cases, ad-hoc analytics at interactive speeds, massive multi-hour batch queries, and high-volume apps that perform sub-second queries. Trino is an ANSI SQL-compliant query engine, that works with BI tools such as R, Tableau, Power BI, Superset, and many others. You can natively query data in Hadoop, S3, Cassandra, MySQL, and many others, without the need for complex, slow, and error-prone processes for copying the data. Access data from multiple systems within a single query.

Starting Price: Free

View Software

Perforce TeamHub

Perforce

Your code repository software is where you store your source code. This might be a Mercurial, Git, or SVN repository. Perforce TeamHub (formerly Helix TeamHub) can host your source code repository, whether it’s Mercurial, Git, or SVN. You can add multiple repositories in one project — or create a separate project for each repository. Perforce TeamHub can host more than your code repositories. You can manage and maintain all of your software assets in one spot. This includes build artifacts (Maven, Ivy) and Docker container registries. It also includes private file sharing through WebDAV repositories for your other binary files. You can use TeamHub on its own or alongside P4 to maintain a single source of truth across development teams. For example, you can keep large binary files in P4, then combine those files with Git assets from Perforce TeamHub in a hybrid workspace to achieve high build performance.

Starting Price: $1.05/month

View Software

Reshift

Reshift Security

The ultimate tool to help Node.js developers secure their custom code. Developers are 4x more likely to fix issues before code is checked in. Reshift makes shifting security left seamless with security bug detection and remediation at compile time. A security tool that works with your developers, without slowing them down. Reshift integrates with the developers’ IDE so security issues are found in real-time and fixed before the code is merged. New to security? Reshift makes it easy to build code security into your pipeline for the first time. A tool built for growing software companies looking to level up their security. Not a security expert? Reshift is made for SMB’s, making it easy to set up with no need for security expertise. Improve code security, while learning about secure code.Reshift provides rich content and best practices, so developers learn about security while writing code.

Starting Price: $99 per month

View Software

Snappytick

Snappycode Audit

Snappy Tick Source Edition (SAST) is a source code review tool, it helps to identify the Vulnerability in Source code. We provide - Static Code Analysis tools and Source Code Review tools. Consider an In-line auditing approaches will identify the largest amount of most significant Security issues in your application and it will verify that the proper security controls exist. Snappy Tick Standard Edition (DAST) is Dynamic application security tool, it helps to perform black box and grey box testing. Analyze the requests and responses and find potential vulnerabilities inside an application by trying to access them in variety of ways, while the applications are running. Built with amazing features developed specifically for SnappyTick. Capable of scanning multiple languages. Best reporting that highlights the precise source files, line numbers, and even subsections of lines that are affected.

Starting Price: $549 per month

View Software

Azure Artifacts

Microsoft

Add fully integrated package management to your continuous integration/continuous delivery (CI/CD) pipelines with a single click. Create and share Maven, npm, NuGet, and Python package feeds from public and private sources with teams of any size. Create and share Maven, npm, NuGet, and Python package feeds from public and private sources. Easily share code across small teams and large enterprises. Get universal artifact management for Maven, npm, NuGet, and Python. Share packages, and use built-in CI/CD, versioning, and testing. Share code effortlessly by storing Maven, npm, NuGet, and Python packages together. And there's no need to store binaries in Git, simply store them using Universal Packages. Keep every public source package you use, including packages from npmjs and nuget.org, safe in your feed where only you can delete it, and where it's backed by the enterprise-grade Azure SLA.

Starting Price: $6 per user per month

View Software

scct

Mainly, a better-lookin' report UI, a simpler maven configuration. Add the plugin instrumentation settings to child projects and the report merging settings to the parent project.

Starting Price: Free

View Software

JaCoCo

EclEmma

JaCoCo is a free code coverage library for Java, which has been created by the EclEmma team based on the lessons learned from using and integrating existing libraries for many years. The master branch of JaCoCo is automatically built and published. Due to the test-driven development approach, every build is considered fully functional. See the change history for the latest features and bug fixes. SonarQube code quality metrics of the current JaCoCo implementation are available on SonarCloud.io. Integrate JaCoCo technology with your tools. Use JaCoCo tools out of the box. Improve the implementation and add new features. There are several open-source coverage technologies for Java available. While implementing the Eclipse plug-in EclEmma the observation was that none of them are really designed for integration. Most of them are specifically fit to a particular tool (Ant tasks, command line, IDE plug-in) and do not offer a documented API that allows embedding in different contexts.

Starting Price: Free

View Software

Jersey

Eclipse Foundation

Developing RESTful web services that seamlessly support exposing your data in a variety of representation media types and abstracting away the low-level details of client-server communication is not an easy task without a good toolkit. In order to simplify the development of RESTful web services and their clients in Java, a standard and portable JAX-RS API has been designed. Jersey RESTful web services 3. x framework is an open-source, production-quality, framework that provides support for Jakarta RESTful web services 3.0. Jersey framework is more than the JAX-RS reference implementation. Jersey provides its own API that extends the JAX-RS toolkit with additional features. Track the JAX-RS API and provide regular releases of production quality reference implementations that ship with GlassFish. Provides APIs to extend Jersey & build a community of users and developers. Makes it easy to build RESTful Web services utilizing Java and the Java Virtual Machine.

Starting Price: Free

View Software

Death By Captcha

Death By Captcha is a world-class captcha resolution service. With more than 14 years in the captcha bypass business, Death By Captcha has become one of the industry leaders in the market. Our teams of technical experts and specialized decoders have worked together to create an incredibly fast and highly accurate system. Death By Captcha offers an excellent low price of $1.39 per 1000 decoded captcha, a team of 24/7 captcha decoders with a 95% to 100% success rate, an average response time of 15 seconds, and multiple API clients. With Death By Captcha, you can solve any captcha. All you need to do is implement our API, pass us your captchas and we will return the text, it is easy. A hybrid system made up of the most advanced OCR system on the market, along with a team of captcha 24/7 solvers. An average response time of 9 seconds for normal text captchas, with an average precision rate of 90% or more.

Starting Price: $1.39 per 1000 requests

View Software

HtmlUnit

HtmlUnit is a "GUI-Less browser for Java programs" that models HTML documents and provides an API to interact with web pages, such as invoking pages, filling out forms, and clicking links, similar to a standard web browser. It offers fairly good JavaScript support, which is constantly improving and is capable of handling complex AJAX libraries, simulating browsers like Chrome, Firefox, or Edge depending on the configuration used. Typically used for testing purposes or retrieving information from websites, HtmlUnit is not a generic unit testing framework but is intended to simulate a browser within another testing framework such as JUnit or TestNG. It is utilized as the underlying "browser" by various open source tools like WebDriver, Arquillian Drone, and Serenity BDD, and is employed by many projects for automated web testing, including Apache Shiro, Apache Struts, and Quarkus.

Starting Price: Free

View Software

jBrowserDriver

Daniel Hollingsworth

jBrowserDriver is a programmable, embeddable web browser driver compatible with the Selenium WebDriver specification. It is headless, WebKit-based, and written in pure Java. The project is open source and licensed under the Apache License v2.0. To run jBrowserDriver from a remote Selenium server, start the remote Selenium server(s) and use the appropriate code to call jBrowserDriver remotely. For building from source, install and configure Maven v3.x and run mvn clean compile install from the project root. To use in Eclipse, either import the existing Java project from the root directory or import the Maven file. For usage, jBrowserDriver can be used like any other Selenium WebDriver or RemoteWebDriver and works with Selenium Server and Selenium Grid.

Starting Price: Free

View Software

OneDev

OneDev is an open-source, self-hosted DevOps platform that unifies Git repository management, CI/CD pipelines, issue tracking, kanban boards, and package registries into a single application. It offers an intuitive GUI for creating CI/CD jobs with features like typed parameters, matrix jobs, logic reuse, and cache management. OneDev includes built-in registries for Docker, NPM, Maven, NuGet, PyPi, and more, facilitating comprehensive package management. It supports progressive and iterative issue tracking through iterations, enhancing agile workflows. With out-of-the-box code search and navigation, Renovate integration for dependency updates, and a RESTful API, OneDev streamlines development processes. It is designed for easy installation and maintenance, providing high performance and scalability. OneDev is developed and maintained by an inclusive community, ensuring continuous improvements and support.

Starting Price: $6 per month

View Software

iText

Apryse

Now part of the Apryse family, iText is one of the best-documented and most versatile PDF SDKs in the world. The open-source iText Core library features a powerful layout engine and intuitive high-level APIs for document creation and manipulation, digital signing and validation, and much more. It has built-in support for PDF 2.0, all variants of PDF/A and PDF/UA, FIPS-140-2 and the very latest ISO standards for digital signatures and encryption. You can extend iText's capabilities even further, with add-ons for comprehensive HTML/XML and CSS templating, global language and writing systems, secure document redaction, OCR, document optimization, and working with dynamic XFA. iText Core is free to use under the AGPLv3 license, while a commercial license releases you from the AGPL terms and gives you professional support and maintenance. Visit the iText website to try the entire iText Suite free for 30 days, while keeping your IP safe under iText's commercial license terms.

View Software

Clarive

Clarive Software

Start your DevOps Journey, make application delivery easy with a simple, powerful and unified workflow. The road to continuous delivery starts here. Clarive is the first tool to deliver an integrated experience to both Dev and Ops. Define and schedule your milestones, quality gates and releases to match your product goals and ideas. Package source code or any artifact into changesets that support any review, test or deployment workflow. Follow your release progress through stages and environments while collaborating and iterating on kanban boards and topics. Automate release pipelines to provision infrastructure, resolve dependencies and deploy components. Ideal for Dev teams that want to get started with lean delivery and the right workflow. Replace redundant tools and save time and money. Ideal for Ops teams looking to centralize all delivery processes, coordinate silos and resolve application dependencies.

Starting Price: €2 per user per month

View Software

Black Duck

Black Duck, part of the Synopsys Software Integrity Group, is a leading provider of application security testing (AST) solutions. Their comprehensive portfolio includes tools for static analysis, software composition analysis (SCA), dynamic analysis, and interactive analysis, enabling organizations to identify and mitigate security vulnerabilities throughout the software development life cycle. By automating the discovery and management of open-source software, Black Duck ensures compliance with security and licensing standards. Their solutions are designed to help organizations build trust in their software by managing application security, quality, and compliance risks at the speed their business demands. Black Duck empowers businesses to innovate securely and deliver software with confidence.

View Software

Eclipse Theia

Eclipse Foundation

Eclipse Theia is an extensible platform to develop multi-language Cloud & Desktop IDEs with state-of-the-art web technologies. Not sure whether you need a web or desktop version or both? With Theia you can develop one IDE and run it in browsers or native desktop application from a single source. The Theia project is hosted at the Eclipse Foundation, a not-for-profit corporation, and is developed by a diverse community. Unlike other "open-source" projects, projects hosted at an Open-Source Foundation are protected against single-vendor decisions against the interest of the diverse community. Theia is designed in a modular way to allow extenders and adopters customizing and extending every aspect of it. Composing a custom IDE-like product is as easy as listing all needed extensions in a package.json file. Adding new functionality by implementing your own extensions is easy, too and provides all the flexibility you need.

Starting Price: $0

View Software

Togglz

Togglz is an implementation of the Feature Toggles pattern for Java. Feature Toggles are a very common agile development practices in the context of continuous deployment and delivery. The basic idea is to associate a toggle with each new feature you are working on. This allows you to enable or disable these features at application runtime, even for individual users. Feature Toggles are very useful especially in the context of agile development practices and are used by big sites like Flickr. The basic idea is to have a configuration file that defines a bunch of toggles for various features you have pending. The running application then uses these toggles in order to decide whether or not to show the new feature. As this toggle is disabled by default you can safely deploy the application to the production servers even if the feature is not completely finished and tested. If the feature implementation is complete you can enable it in the production system at any point in time.

View Software

Macaw

Macaw Software

Macaw is an enterprise grade platform optimized for building and transforming applications for digital age. Macaw provides an unique approach to modernize traditional applications to utilize containers and microservices technologies. It also offers a turn-key approach for enterprises to design, develop, build, publish, run and operate microservices based application in a holistic manner irrespective of the underlying infrastructure and clouds. Macaw is meant for enterprises looking to accelerate their modernization journey with hybrid-cloud strategy and cloud native applications. Thanks to its many built-in foundational services ,turnkey operational capabilities and kubernetes integration. Macaw provides the necessary run time environment, services and tools to build, deploy and manage Microservices based application. It provides various built-in and readily usable core application services like database, security, messaging, load-balancing for accelerated development and turn-key ops.

View Software

JFrog

Fully automated DevOps platform for distributing trusted software releases from code to production. Onboard DevOps projects with users, resources and permissions for faster deployment frequency. Fearlessly update with proactive identification of open source vulnerabilities and license compliance violations. Achieve zero downtime across your DevOps pipeline with High Availability and active/active clustering for your enterprise. Control your DevOps environment with out-of-the-box native and ecosystem integrations. Enterprise ready with choice of on-prem, cloud, multi-cloud or hybrid deployments that scale as you grow. Ensure speed, reliability and security of IoT software updates and device management at scale. Create new DevOps projects in minutes and easily onboard team members, resources and storage quotas to get coding faster.

Starting Price: $98 per month

View Software

Phylum

Phylum defends applications at the perimeter of the open-source ecosystem and the tools used to build software. Its automated analysis engine scans third-party code as soon as it’s published into the open-source ecosystem to vet software packages, identify risks, inform users and block attacks. Think of Phylum like a firewall for open-source code. Phylum’s database of open-source software supply chain risks is the most comprehensive and scalable offering available, and can be deployed throughout the development lifecycle depending on an organization’s infrastructure and appsec program maturity: in front of artifact repository managers, directly with package managers or in CI/CD pipelines. The Phylum policy library allows users to toggle on the blocking of critical vulnerabilities, attacks like typosquats, obfuscated code and dependency confusion, copyleft licenses, and more. Users can also leverage OPA to create custom policies.

View Software

Cobertura

Cobertura is a free Java tool that calculates the percentage of code accessed by tests. It can be used to identify which parts of your Java program are lacking test coverage. It is based on jcoverage. Cobertura is free software. Most of it is licensed under the GNU GPL, and you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. Please review the file LICENSE.txt included in this distribution for further details.

Starting Price: Free

View Software

JetBrains Fleet

JetBrains

Built from scratch, based on 20 years of experience developing IDEs. JetBrains Fleet uses the IntelliJ code-processing engine, with a distributed IDE architecture and a reimagined UI. We built Fleet to be a fast and lightweight text editor for when you need to quickly browse and edit your code. It starts up in an instant so you can begin working immediately, and it can easily transform into an IDE, with the IntelliJ code-processing engine running separately from the editor itself. Fleet inherits the things that developers love the most from IntelliJ-based IDEs – project and context aware code completion, navigation to definitions and usages, on-the-fly code quality checks, and quick-fixes. Fleet’s architecture is designed to support a range of configurations and workflows. You can simply run Fleet just on your machine, or move some of the processes elsewhere – for example by locating the code processing in the cloud.

View Software

Azure Spring Apps

Microsoft

Azure Spring Apps is a fully managed service that helps Spring developers focus on code, not on infrastructure. Deploy any type of Spring app—including web apps, microservices, event-driven, serverless, and batch—without the need for Kubernetes. Take advantage of the Azure ecosystem while using your existing investments. Gain deep insights into application dependencies and operational telemetry using Azure monitor. Aggregate metrics for a topological view of how different services interact and see average performance and error rates. Easily identify the root cause of reliability issues and performance bottlenecks. Focus on what matters—your apps, business logic, and delivering value to your users. Deploy any type of Spring or Polyglot apps, either from source code or artifacts, with support for container creation and maintenance.

Starting Price: $0.7136 per hour

View Software

TestReport

TestReport.io

TestReport is an automation test reporting platform that turns complex testing data into simple, easy-to-understand reports. It helps teams see what’s working, what’s not, and how to improve their testing process. By using visual reports like graphs and charts, TestReport.io makes it easier to spot trends, issues, and bottlenecks. With TestReport.io, teams can quickly determine what aspects of their testing strategy are successful and which areas require improvement. This clarity not only accelerates decision-making but also streamlines the path to better testing outcomes. Whether it's tracking progress, resolving issues, or enhancing overall performance, TestReport.io ensures that teams have the tools and knowledge to optimize their testing efforts. Built for ease of use and efficiency, TestReport.io is an essential solution for organizations looking to maximize the impact of their automated testing strategies.

View Software

OpenAPI Generator

OpenAPI Generator is an open-source tool that automatically generates client libraries, server stubs, API documentation, and configuration files from an OpenAPI Specification (OAS) document. It supports a wide range of programming languages and frameworks, making it easier for developers to integrate APIs into their applications. By automating the creation of boilerplate code, OpenAPI Generator reduces development time and ensures consistency in API interactions. It allows teams to focus on implementing business logic rather than dealing with repetitive tasks like data serialization, deserialization, and HTTP request handling. The tool is widely used in API-driven development, enabling seamless integration of third-party services and simplifying the process of keeping API consumers and providers in sync.

Starting Price: Free

View Software

Sonatype Nexus Repository

Sonatype

Sonatype Nexus Repository is a robust binary repository manager designed to store, manage, and distribute open-source components, dependencies, and artifacts across the software development lifecycle (SDLC). It supports over 20 formats, including Maven, npm, PyPI, and Docker, allowing for seamless integration with build tools and CI/CD pipelines. With advanced features like high availability, disaster recovery, and scalability across cloud platforms, Nexus Repository ensures secure and efficient management of your software artifacts. The platform enhances collaboration, automates workflows, and improves visibility into your software supply chain, helping teams manage dependencies and improve software quality.

View Software

PVS-Studio

Program Verification Systems

PVS-Studio is a tool for detecting bugs and security weaknesses in the source code of programs, written in C, C++, C# and Java. It works under 64-bit systems in Windows, Linux and macOS environments, and can analyze source code intended for 32-bit, 64-bit and embedded ARM platforms.

View Software

Seeker

Black Duck

Seeker® is an interactive application security testing (IAST) solution that provides unparalleled visibility into your web application's security posture. It identifies vulnerability trends against compliance standards such as OWASP Top 10, PCI DSS, GDPR, CAPEC, and CWE/SANS Top 25. Seeker enables security teams to track sensitive data, ensuring it is handled securely and not stored in log files or databases without proper encryption. Its seamless integration into DevOps CI/CD workflows allows for continuous application security testing and verification. Unlike other IAST solutions, Seeker not only identifies security vulnerabilities but also verifies their exploitability, providing developers with a prioritized list of confirmed issues to address. By employing patented methods, Seeker processes extensive HTTP(S) requests swiftly, reducing false positives to near zero and enhancing productivity while minimizing business risk.

View Software

bugScout

Platform for detecting security vulnerabilities and analyzing code quality of applications. bugScout was born in 2010, with the objective of promoting global application security through audit and DevOps processes. Our purpose is to promote a culture of safe development and thus provide protection for your company’s information, assets and reputation. Designed by ethical hackers and reputable security auditors, bugScout® follows international security rules and standards and is at the forefront of cybercrime techniques to keep our customers’ applications safe and secure. We combine security with quality, offering the lowest false positive rate on the market and the fastest analysis. Lightest platform on the market, 100% integrated with SonarQube. A platform that unites SAST and IAST, promoting the most complete and versatile source code audit on the market for the detection of Application Security Vulnerabilities.

View Software

IDENTANCE

Verification made easy. Define fraud quickly and efficiently. Companies that care about their customers are looking for user-friendly ways to define fraud. IDENTANCE offers a way to check fraud by verifying users quickly and easily. From onboarding and verification to ongoing authentication, we offer a complete solution to know, verify, and trust your customers worldwide. The services we provide are available in 246 countries. You can verify the identity of your clients independently of their location. IDENTANCE supports 9000+ document types and the list is updating. Clients can use their national documents of different types. Our verification services are presented in 82 languages. Multi-Language support allows you to attract more clients all over the world. The IDENTANCE SDK is applicable to both Mobile and Web versions of sites and provides you with a complex verification solution for your business, this way you can eliminate bank fraud.

View Software

Ozone

Ozone platform helps enterprises to ship modern applications quickly, securely and reliably. Ozone removes the unwanted headache of managing too many DevOps tools and makes it super easy for anyone to deploy applications on Kubernetes clusters. Just integrate all your existing DevOps tools and automate your application delivery process end-to-end. Accelerate deployments with automated pipeline workflows and on demand infrastructure management with zero downtime. Prevent business losses by enforcing governance and compliance policy for app deployments at scale. Single pane of glass where engineering, DevOps and Security teams can collaborate on application releases in realtime.

View Software

Code Intelligence

Our platform uses various security techniques, including coverage-guided and feedback-based fuzz testing, to automatically generate millions of test cases that trigger hard-to-find bugs deep within your application. This white-box approach protects against edge cases and speeds up development. Advanced fuzzing engines generate inputs that maximize code coverage. Powerful bug detectors check for errors during code execution. Uncover true vulnerabilities only. Get the input and stack trace as proof, so you can reliably reproduce errors every time. AI white-box testing uses data from all previous test runs to continuously learn the inner-workings of your application, triggering security-critical bugs with increasingly high precision.

View Software

SpotBugs

It is free software, distributed under the terms of the GNU Lesser General Public License. SpotBugs is a fork of FindBugs (which is now an abandoned project), carrying on from the point where it left off with the support of its community. Please check the official manual for details. SpotBugs requires JRE (or JDK) 1.8.0 or later to run. However, it can analyze programs compiled for any version of Java, from 1.0 to 1.9. SpotBugs checks for more than 400 bug patterns.

View Software

OpsMx Enterprise for Spinnaker

OpsMx

OES is highly available and scalable for increasing deployment workloads, and extensible to integrate with multiple SDLC tool chains. OES offers easy-to-define custom stages to parallely deploy into any number of targets and save time. Action such as rollback or roll forward or stopping of all the parallel deployments is easy and can be done with a click. Automate repeated activities in your SDLC process by the ability to create as many child pipelines and invoke them in the parent pipeline. OES is modular and can act as a central CD tool for many enterprises because it uses an API-based architecture. Developers across the team can easily integrate external services with Spinnaker services for deployment orchestration.

View Software

Blink

Blink Ops

Blink is an ROI force multiplier for security teams and business leaders looking to quickly and easily secure a wide variety of use cases. Get full visibility and coverage of alerts across your organization and security stack. Utilize automated flows to reduce noise and false positives in alerts. Scan for attacks and proactively identify insider threats and vulnerabilities. Create automated workflows that add relevant context, streamline communications, and reduce MTTR. Take action on alerts and improve your cloud security posture with no-code automation and generative AI. Shift-left access requests, streamline approvals flows, and unblock developers while keeping your applications secure. Continuously monitor your application for SOC2, ISO, GDPR, or other compliance checks and enforce controls.

View Software

Contrast Assess

Contrast Security

A new kind of security designed for the way software is created. Resolve security issues minutes after installation by integrating security into your toolchain. Because Contrast agents monitor code and report from inside the application, developers can finally find and fix vulnerabilities without requiring security experts. That frees up security teams to focus on providing governance. Contrast Assess deploys an intelligent agent that instruments the application with smart sensors. The code is analyzed in real time from within the application. Instrumentation minimizes the false positives that slow down developers and security teams. Resolve security issues minutes after installation by integrating security into your toolchain. Contrast Assess integrates seamlessly into the software life cycle and into the tool sets that development and operations teams are already using, including native integration with ChatOps, ticketing systems and CI/CD tools, and a RESTful API.

View Software

Jtest

Parasoft

Meet Agile development cycles while maintaining high-quality code. Use Jtest’s comprehensive set of Java testing tools to ensure defect-free coding through every stage of software development in the Java environment. Streamline Compliance With Security Standards. Ensure your Java code complies with industry security standards. Have compliance verification documentation automatically generated. Release Quality Software, Faster. Integrate Java testing tools to find defects faster and earlier. Save time and money by mitigating complicated and expensive problems down the line. Increase Your Return From Unit Testing. Achieve code coverage targets by creating a maintainable and optimized suite of JUnit tests. Get faster feedback from CI and within your IDE using smart test execution. Parasoft Jtest integrates tightly into your development ecosystem and CI/CD pipeline for real-time, intelligent feedback on your testing and compliance progress.

View Software

Veracode

Veracode offers a holistic, scalable way to manage security risk across your entire application portfolio. We are the only solution that can provide visibility into application status across all testing types, including SAST, DAST, SCA, and manual penetration testing, in one centralized view.

View Software

Apache Maven Integrations

The Apache Software Foundation

43 Integrations with Apache Maven

JOpt.TourOptimizer

Parasoft

Snyk

CaimanJ

Contrast Security

Trino

Perforce TeamHub

Reshift

Snappytick

Azure Artifacts

scct

JaCoCo

Jersey

Death By Captcha

HtmlUnit

jBrowserDriver

OneDev

iText

Clarive

Black Duck

Eclipse Theia

Togglz

Macaw

JFrog

Phylum

Cobertura

JetBrains Fleet

Azure Spring Apps

TestReport

OpenAPI Generator

Sonatype Nexus Repository

PVS-Studio

Seeker

bugScout

IDENTANCE

Ozone

Code Intelligence

SpotBugs

OpsMx Enterprise for Spinnaker

Blink

Contrast Assess

Jtest

Veracode

Related Categories

Related Categories That Integrate With Apache Maven