Latka logo

Top 19 Static Application Security Testing (SAST) Software SaaS Companies in May 2026

As of May 2026, there are 19 SaaS companies in Static Application Security Testing (SAST) Software. They have combined revenues of $135.4M and employ 1.1K people. They have raised $40.3M and serve - customers combined.

Static Application Security Testing (SAST) software refers to tools and methodologies that analyze source code, bytecode, or binary code to identify security vulnerabilities within applications prior to deployment. This approach, often described as white-box testing, enables developers to detect and resolve potential security flaws early in the development lifecycle, thereby reducing the risk of vulnerabilities in production environments. The primary use cases of SAST software include scanning the source code for issues such as input validation errors, insecure coding practices, and dependencies that may pose security risks. Typical features of SAST tools encompass automated scanning, detailed reporting on vulnerabilities, integration with continuous integration/continuous deployment (CI/CD) pipelines, and support for various programming languages. The common buyer personas for SAST solutions typically include software developers, security teams, and DevOps engineers who seek to enhance application security while maintaining development efficiency.

Companies
19
Revenue
$135.4M
Funding
$40.3M
Employees
1.1K

Filters

Sorting: Highest -> Lowest

Filters
Revenue
All<$1M$1M-$5M$5M-$10M$10M-$100M$100M+
Funding (Locked)Growth (Locked)Team-Size (Locked)

Top Static Application Security Testing (SAST) Software Companies

Showing 10 of 1 companies ranked by annual revenue.

1
Security Journey

Pittsburgh, Pennsylvania, United States

Security Journey offers robust application security education tools to help developers and the entire SDLC team recognize and understand vulnerabilities and threats and proactively mitigate these risks. The knowledge learners acquire in our programs goes beyond helping learners code more securely – it turns everyone in the SDLC into security champions. Our platform takes a unique level approach, transitioning learners from security basics to language-specific knowledge to the experiential learning required to become security champions. With lessons offered in multiple formats, including text, video, and hands-on sandbox environments, there is a modality that resonates with every learning style. Organizations with teams of security champions develop a security-first mindset that allows them to deliver safer, more secure applications.

Revenue
$5.9M
Customers
-
Year founded
2016
Funding
-
Team size
54
Growth
-

Inclusion Criteria

- Must offer automated scanning of source code, bytecode, or binaries for security vulnerabilities - Should provide detailed reporting on identified vulnerabilities and remediation guidance - Must integrate with CI/CD workflows to facilitate continuous security testing - Should support multiple programming languages and development frameworks - Not just focused on dynamic analysis; must also include static code analysis capabilities - Should offer features for prioritizing vulnerabilities based on severity