Audience
Developing teams looking for a powerful Static Code Analysis solution
About PMD
PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth.
Other Popular Alternatives & Related Software
CodePeer
The Most Comprehensive Static Analysis Toolsuite for Ada. CodePeer helps developers gain a deep understanding of their code and build more reliable and secure software systems. CodePeer is an Ada source code analyzer that detects run-time and logic errors. It assesses potential bugs before program execution, serving as an automated peer reviewer, helping to find errors easily at any stage of the development life-cycle. CodePeer helps you improve the quality of your code and makes it easier for you to perform safety and/or security analysis. CodePeer is a stand-alone tool that runs on Windows and Linux platforms and may be used with any standard Ada compiler or fully integrated into the GNAT Pro development environment. It can detect several of the “Top 25 Most Dangerous Software Errors” in the Common Weakness Enumeration. CodePeer supports all versions of Ada (83, 95, 2005, 2012). CodePeer has been qualified as a Verification Tool under the DO-178B and EN 50128 software standards.
Learn more
SonarQube Cloud
Maximize your throughput and only release clean code SonarQube Cloud (formerly SonarCloud) automatically analyzes branches and decorates pull requests. Catch tricky bugs to prevent undefined behavior from impacting end-users. Fix vulnerabilities that compromise your app, and learn AppSec along the way with Security Hotspots. With just a few clicks you're up and running right where your code lives. Immediate access to the latest features and enhancements. Project dashboards keep teams and stakeholders informed on code quality and releasability. Display project badges and show your communities you're all about awesome. Code Quality and Code Security is a concern for your entire stack, from front-end to back-end. That’s why we cover 24 languages including Python, Java, C++, and many others. Transparency makes sense and that's why the trend is growing. Come join the fun, it's entirely free for open-source projects!
Learn more
ZeroPath
ZeroPath (YC S24) is an AI-native application security platform that delivers comprehensive code protection beyond traditional SAST. Founded by security engineers from Tesla and Google, ZeroPath combines large language models with advanced program analysis to find and automatically fix vulnerabilities.
ZeroPath provides complete security coverage:
1. AI-powered SAST for business logic flaws & broken authentication
2. SCA with reachability analysis
3. Secrets detection and validation
4. Infrastructure as Code
5. Automated patch generation.
any more...
ZeroPath delivers 2x more real vulnerabilities with 75% fewer false positives.
Our research team has been successful in finding vulns like critical account takeover in better-auth (CVE-2025-61928, 300k+ weekly downloads), identifying 170+ verified bugs in curl, and discovering 0-days in production systems at Netflix, Hulu, and Salesforce.
Trusted by 750+ companies and performing 200k+ code scans monthly.
Learn more
Kiuwan Code Security
Kiuwan is an end-to-end application security platform that integrates seamlessly into your development process.
Our toolset includes Static Application Security Testing (SAST), Software Composition Analysis (SCA), Software Governance and Code Quality, empowering your team to quickly identify and remediate vulnerabilities.
Integrating into your CI/CD pipeline, Kiuwan enables early detection and remediation of security issues. Kiuwan supports strict compliance with industry standards including OWASP, CWE, MISRA, NIST, PCI DSS, and CERT, among others.
✅ Large language support: 30+ programming languages.
✅ Detailed action plans: Prioritize remediation with tailored action plans.
✅ Code Security: Seamless Static Application Security Testing (SAST) integration.
✅ Insights: On-demand or continuous scanning Software Composition Analysis (SCA) to help reduce third-party threats.
✅ One-click Software Bill of Materials (SBOM) generation
Code Smarter. Secure Faster. Ship Sooner.
Learn more
Integrations
Company Information
PMD
sourceforge.net/projects/pmd/
Videos and Screen Captures
Other Useful Business Software
Point of Sale. Powerful and Simple.
Vibe Retail is an all-in-one retail point-of-sale and operations platform built for single-store and multi-location retailers seeking to unify inventory, sales, staff and customer data from one mobile-friendly interface. The system lets you track inventory across locations and warehouses, handle item variations (size, color, material), manage purchase orders and supplier deliveries, print custom barcodes, and transfer stock between stores in real time. On the sales side, Vibe supports multiple payment types (cards, cash, checks, gift cards, EBT), layaway workflows, serial number tracking, delivery management, loyalty programs and branded receipts. Retailers can integrate with online platforms (such as Shopify and WooCommerce), sync in-store and online sales, access 40+ real-time reports on sales, inventory and performance, set up promotions and discounts, and print receipts from mobile devices.
Product Details
Platforms Supported
Windows
Mac
Linux
Chromebook
Training
Documentation
Support
Online
