OWASP Find Security Bugs download

The SpotBugs plugin for security audits of Java web applications. Find Security Bugs is the SpotBugs plugin for security audits of Java web applications. It can detect 141 different vulnerability types with over 823 unique API signatures. Cover popular frameworks including Spring-MVC, Struts, Tapestry and many more. Plugins are available for Eclipse, IntelliJ / Android Studio and NetBeans. Command line integration is available with Ant and Maven. Can be used with systems such as Jenkins and SonarQube. Extensive references are given for each bug patterns with references to OWASP Top 10 and CWE.

Features

141 bug patterns
Support your frameworks and libraries
Integrate with your IDE
Continuous integration
OWASP TOP 10 and CWE coverage
The project is open-source and is open for contributions

Project Samples

Project Activity

See All Activity >

License

GNU Library or Lesser General Public License version 3.0 (LGPLv3)

Follow OWASP Find Security Bugs

OWASP Find Security Bugs Web Site

Other Useful Business Software

Auth0 for AI Agents now in GA

Ready to implement AI with confidence (without sacrificing security)?

Connect your AI agents to apps and data more securely, give users control over the actions AI agents can perform and the data they can access, and enable human confirmation for critical agent actions.

Start building today

Rate This Project

User Reviews

Be the first to post a review of OWASP Find Security Bugs!

Additional Project Details

Programming Language

Java

Related Categories

Java Security Software, Java Libraries

Registered

2023-08-10

Similar Business Software

Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
ManageEngine Endpoint Central

ManageEngine Endpoint Central is built to secure the digital workplace while also giving IT teams complete control over their enterprise endpoints. It delivers a security-first approach by combining advanced endpoint protection with comprehensive management, allowing IT teams to manage the...

See Software
Kasm Workspaces

Kasm Workspaces streams your workplace environment directly to your web browser…on any device and from any location. Kasm uses our high-performance streaming and secure isolation technology to provide web-native Desktop as a Service (DaaS), application streaming, and secure/private web...

See Software
ManageEngine ADAudit Plus

ADAudit Plus helps keep your Windows Server ecosystem secure and compliant by providing full visibility into all activities. ADAudit Plus provides a clear picture of all changes made to your AD resources including AD objects and their attributes, group policy, and more. AD auditing helps detect...

See Software
Unimus

Unimus is a powerful, on-premise Network Automation and Configuration Management (NCM) solution designed for fast deployment and ease of use. As one of the most versatile NCM solutions available, it simplifies network management with features such as: 🔹 Disaster Recovery – Automated...

See Software
ZeroPath

ZeroPath (YC S24) is an AI-native application security platform that delivers comprehensive code protection beyond traditional SAST. Founded by security engineers from Tesla and Google, ZeroPath combines large language models with advanced program analysis to find and automatically fix...

See Software

Report inappropriate content