CWE - Sort By Country

NOTICE: As of 4/16/2024, the CWE Compatibility Program has been discontinued. The product listings included in this section have been moved to "archive" status.

MOVING FORWARD: Please follow these CWE Compatibility Requirements to consider your product or service "CWE Compatible."

Archived:

All organizations participating in the Compatibility Program are listed below.

Country (20)	Organization (87)	Product (148)	Type	Capability	Compatibility Status
Brazil	Conviso Application Security	Conviso Security Compliance (CSC)	Vulnerability Identification and Management	Output Searchable Coverage
Canada	Klocwork, Inc.	Klocwork Insight	Assessment and Remediation Tool	Output Searchable Coverage
China	Anban Information Technology Co., Ltd	Yishi Firmware Supply Chain Security Management System	TOOL	Coverage Output Searchable
China	Anhui USTC-Guochuang High-Confidence Software Co.,Ltd	USTCHCS high confidence software analysis tool suite	Static Analysis Tool and Coding Rules Checker	Coverage Output Searchable
China	Beijing Anpro Information Technology Co. LTD	Xcheck OSS threat management platform	Assessment and Remediation Tool	Coverage Output Searchable
China	Beijing Anpro Information Technology Co. LTD	Xcheck Software Composition Analysis Platform	Assessment and Remediation Tool	Coverage Output Searchable
China	Beijing Anpro Information Technology Co. LTD	Xfuse ASOC Agile Security Platform	Software Development Practices	Coverage Output Searchable
China	Beijing Anpro Information Technology Co. LTD	Xfuse CARTA SDLC Empower ment Platform	Software Development Practices	Coverage Output Searchable
China	Beijing Anpro Information Technology Co. LTD	Xmaze AI Pen-Testing Extension	Assessment and Remediation Tool	Coverage Output Searchable
China	Beijing Anpro Information Technology Co. LTD	Xmaze Breach and Attack Simulation Platform	Assessment and Remediation Tool	Coverage Output Searchable
China	Beijing Anpro Information Technology Co. LTD	Xmaze IAST security testing platform	Assessment and Remediation Tool	Coverage Output Searchable
China	Beijing Anpro Information Technology Co. LTD	Xmaze Static Application Security Testing Platform	Assessment and Remediation Tool	Coverage Output Searchable
China	Beijing Anpro Information Technology Co. LTD	Xmaze Threat Modeling Automation Platform	Assessment and Remediation Tool	Coverage Output Searchable
China	Beijing Anpro Information Technology Co. LTD	Xshark RASP Self-Adaptive Threat Immunity Platform	Application-Level Firewall	Coverage Output Searchable
China	Beijing Moyunsec Technology Co.,Ltd	Vackbot	CART (Continuous Automated Red Teaming) + BAS (Breach and Attack Simulation)	Coverage Output Searchable
China	Beijing Moyunsec Technology Co.,Ltd	VackScan	Vulnerability scanning	Coverage Output Searchable
China	Beijing RedRocket Technology Co., Ltd	RedRocket SAST	Static Analysis Tool	Coverage Output Searchable
China	Beijing RedRocket Technology Co., Ltd	RedRocket SCA	Software Composition Analysis Tool	Coverage Output Searchable
China	Beijing Vulinsight Technology Co., Ltd	Vulinsight supply chain risk intelligence platform	Vulnerability knowledge base system	Coverage Output Searchable
China	Beijing ZHONGKE TIANQI Information Technology Co.,Ltd.	WuKong SAST	SAST(Static Application Security Testing)	Coverage Output Searchable
China	CodeForce(Beijing)Software Technology Co., Ltd	ZBG-SAST	Static Application Security Testing	Coverage Output Searchable
China	CodeForce(Beijing)Software Technology Co., Ltd	ZBG-SCA	Software Composition Analysis	Coverage Output Searchable
China	GYSecurity Technology Co., Ltd	Swift Fuzzer Testing Tool	Assessment and Remediation Tool	Coverage Output Searchable
China	Hangzhou Huawei Cloud Computing Technologies Co., Ltd	Code Check	CodeCheck/Code static analysis/ SAST(Static Application Security Testing)	Coverage Output Searchable
China	Hangzhou Huawei Cloud Computing Technologies Co., Ltd	CodeArts Check	CodeArts Check/Code static analysis/SAST(Static Application Security Testing)	Coverage Output Searchable
China	Naive Systems Ltd.	NaiveSystems Analyze	Static Analysis Tool and Coding Rules Checker	Coverage Output Searchable
China	QI-ANXIN Technology Group Inc.	QI-ANXIN Codesafe	Assessment Tool	Coverage Output Searchable
China	QI-ANXIN Technology Group Inc.	QI-ANXIN OSS Security	Assessment Tool	Coverage Output Searchable
China	SecZone	CodeSec	Statically Apply Security Tool	Coverage Output Searchable
China	SecZone	SFuzz	SFuzz	Coverage Output Searchable
China	SecZone	SourceCheck	Open Source Component Security and Compliance Management Platform	Coverage Output Searchable
China	SecZone	VulHunter	Interactive Application Security Testing Platform	Coverage Output Searchable
China	Shanghai Feiyu Technology Co.,Ltd.	Corax	Static Application Security Testing	Coverage Output Searchable
China	Shenzhen Secidea Network Security Technology Co., Ltd	Secidea SCAP2000	Static Application Security Testing	Coverage Output Searchable
China	Software Security	SoftSec SCA	TOOL	Coverage Output Searchable
China	Suzhou Lengjingqicai Information Technology Co.,Ltd	FOSSCheck	Software Composition Analysis Tool	Coverage Output Searchable
China	Suzhou Lengjingqicai Information Technology Co.,Ltd	FossEye	Open source security and compliance governance Tool	Coverage Output Searchable
China	ValiantSec Technology Co.,Ltd	BinSearch	SCA	Coverage Output Searchable
China	ValiantSec Technology Co.,Ltd	CodeAnt	SCA and Development security	Coverage Output Searchable
China	ValiantSec Technology Co.,Ltd	CodeSense	SAST	Coverage Output Searchable
China	ValiantSec Technology Co.,Ltd	UniSCA	SCA and Development security	Coverage Output Searchable
Finland	Codenomicon Ltd.	DEFENSICS X	Fuzz Testing Tool with Integrated Capability to Report CWE Identifiers and Descriptions for Found Vulnerabilities	Output Searchable Coverage	Available Available Planned
France	Ambionics Security	Ambionics Security	Security Service	Coverage Output Searchable
France	CAST	CAST Application Intelligence Platform	Automated Application Assessment Platform	Output Searchable Coverage
France	MathWorks, Inc.	Polyspace Bug Finder	Static Analysis Tool and Coding Rules Checker	Coverage Output Searchable
France	NETpeas, SA	COREvidence	Cloud-Based, Multi-Engines Vulnerability Management Service	Output Coverage Searchable	Available Available Planned
France	Security-Database	Security-Database Web Services	Web Services	Output Searchable Coverage
France	ToolsWatch	vFeed API and Vulnerability Database Community	Open Source Correlated and Cross-Linked Vulnerability XML Vulnerability Database	Coverage Output Searchable
Germany	AbsInt Angewandte Informatik GmbH	Astrée	Static Analysis Tool and Coding Rules Checker	Coverage Output Searchable
Germany	Vector Informatik GmbH	PC-lint Plus	C/C++ Static Code Analysis	Coverage Output Searchable
Indonesia	Cr0security	Cr0security Certified Security Testing	Professional Security Testing Certification	Coverage Output Searchable
Indonesia	Cr0security	Cr0security Penetration Testing and Consultant Services	Network Penetration Testing and Vulnerability Assessment Services	Coverage Output Searchable
Ireland	CppCheck Development Team	Cppcheck	A tool for static C/C++ code analysis	Output Searchable Coverage	Available Available Planned
Israel	Checkmarx	Checkmarx Static application security testing (SAST)	Static application security testing engine - available both as an on-premises application or in the cloud as part of the Checkmarx One application security suite.	Coverage Output Searchable
Israel	Checkmarx	CxCloud	Static Code Analysis On Demand	Output Searchable Coverage	Available Available Available
Israel	Checkmarx	CxEnteprise	Static Code Analysis On Premise	Output Searchable Coverage	Available Available Available
Israel	Checkmarx	CxSuite	Static Application Security Testing/Application Security Code Review	Output Searchable Coverage	Available Available Available
Israel	Cybellum
Israel	Cybellum	Cybellum Product Security Platform	Engine that can detect violation of CWEs in dinary files, on the assembly level.	Coverage Output Searchable
Israel	DerSecur Ltd.	DerScanner	SAST tool	Coverage Output Searchable
Italy	Julia S.R.L.	Julia	Static Program Analysis Tool	Coverage Output Searchable
Italy	Security Reviewer	Static Reviewer	Static Application Security Testing (SAST)- Security, Dead Code & Best Practices	Coverage Output Searchable
Japan	Information-technology Promotion Agency, Japan (IPA)	JVN iPedia	Vulnerability Countermeasure Information Database	Output Searchable Coverage	Available Available Available
Japan	Information-technology Promotion Agency, Japan (IPA)	MyJVN	Filtered Vulnerability Countermeasure Information Tool	Output Searchable Coverage	Available Available Available
Korea	Evenstar	BigLook	Code verification tool for ensuring source code compliance with domestic and international code seucrity guidelines.	Coverage Output Searchable
Korea	GTONE Co., Ltd.	SecurityPrism	Semantic Based Static Application Security Testing Tool	Coverage Output Searchable
Korea	Soft4Soft Co., Ltd.	RESORT Code Analysis	Static Analysis Tool and Coding Rules Checker	Coverage Output Searchable
Korea	Sparrow Co., Ltd.	SPARROW	Semantic-Based Static Program Analysis Tool	Output Searchable Coverage
Korea	Suresoft Technologies Inc.	CodeScroll Code Inspector	Code-Based Auto Inspection Tool	Coverage Output Searchable
Korea	Suresoft Technologies Inc.	CodeScroll SNIPER	Static Code Analysis Tool	Coverage Output Searchable
Korea	Suresoft Technologies Inc.	CodeScroll STATIC	Web-based Static Code Analysis Tool	Coverage Output Searchable
Korea	TRINITYSOFT Co., Ltd	CODE-RAY	Source Code Security weakness analysis tool	Coverage Output Searchable
P.R. China	Beijing Beida Software Engineering Development Co., Ltd.	COBOT	Program Static Analysis Tool	Coverage Output Searchable
P.R. China	Beijing Beida Software Engineering Development Co., Ltd.	COBOT-SCA	Software Composition And Vulnerability Analysis	Coverage Output Searchable
P.R. China	School of Software, Tsinghua University	Tsmart Static Analyzer	Static Analysis Tool	Coverage Output Searchable
Poland	CXSecurity	cIFrex	Free Security Research Tool	Output Searchable Documentation Coverage	Available Available Available Available
Poland	CXSecurity	World Laboratory of Bugtraq (WLB) 2	Vulnerability Database	Output Searchable Coverage
Poland	SecurityReason	SecurityAlert	Web Application Security Risk Management Platform	Output Searchable Coverage	Available Available Available
Russia	OOO "Program Verification Systems" (Co Ltd)	PVS-Studio C/C++/C# static code analyzer	Static code analyzer	Output Searchable Coverage	Available Available Planned
Singapore	Astyran Pte Ltd.	Secure Code Review	Secure Code Review	Output Searchable Coverage	Available Available Planned
Singapore	Astyran Pte Ltd.	Secure Design Review	Secure Design Review	Output Searchable Coverage	Available Available Planned
Singapore	Astyran Pte Ltd.	Web Application Vulnerability Assessment	Application Vulnerability Assessment	Output Searchable Coverage	Available Available Available
Spain	Kiuwan Software S.L	Kiuwan Application Security platform	SaaS Enterprise Software Analytics Platform - Local Static Code Analysis with Emphasis on Security	Coverage Output Searchable
Switzerland	High-Tech Bridge SA	High-Tech Bridge Security Advisories	Database/Knowledge Repository Based upon High-Tech Bridge's Proprietary Research	Output Searchable Coverage
Switzerland	High-Tech Bridge SA	ImmuniWeb	SaaS Web Application Vulnerability Assessment Service	Coverage Output Searchable
Switzerland	SonarSource SA	SonarQube platform with C/C++ plugin	Continuous Inspection, Trending, and Code Quality Management Platform	Coverage Output Searchable
Switzerland	SonarSource SA	SonarQube platform with Java plugin	Continuous Inspection, Trending, and Code Quality Management Platform	Coverage Output Searchable
Switzerland	SonarSource SA	SonarQube platform with Objective-C plugin	Continuous Inspection, Trending, and Code Quality Management Platform	Coverage Output Searchable
United Kingdom	LDRA	LDRA Testbed	Static and Dynamic Software Analysis Tool Suite	Output Searchable Coverage
United Kingdom	LDRA	LDRArules	Static Analysis Tool and Coding Rules Checker	Coverage Output Searchable
United Kingdom	LDRA	TBvision	Static Analysis Tool and Coding Rules Checker	Output Searchable Coverage
United Kingdom	Open Web Application Security Project (OWASP)	Zed Attack Proxy (ZAP)	Integrated Penetration Testing Tool for Finding Vulnerabilities in Web Applications	Coverage Output Searchable	Available Available Planned
United States	AdaCore	CodePeer	Automated Code Review and Validation Tool	Coverage Output Searchable
United States	AdaCore	SPARK Pro	Product	Coverage Output Searchable
United States	Apple, Inc.	Secure Development Lifecycle	Secure Development Lifecycle	Output Coverage Searchable	Available Available No
United States	Armorize Technologies, Inc.	CodeSecure Enterprise	Web Application Source Code Analysis Tool	Output Searchable Coverage	Available Available Available
United States	Armorize Technologies, Inc.	CodeSecure Verifier	Web Application Source Code Analysis Suite	Output Searchable Coverage	Available Available Available
United States	Armorize Technologies, Inc.	CodeSecure Workbench	Web Application Source Code Analysis Tool	Output Searchable Coverage	Available Available Available
United States	Cenzic, Inc.	Cenzic Hailstorm Enterprise ARC	Web Application Security Risk Management Platform	Output Searchable Coverage	Available Available Available
United States	Cenzic, Inc.	Cenzic Hailstorm Professional	Web Application Penetration Testing and Vulnerability Management System	Output Searchable Coverage	Available Available Available
United States	CERIAS/Purdue University	Secure programming class, CS390S	Secure Programming Class and Publicly Available Teaching Materials	Output Searchable Coverage	Available Available Planned
United States	Cigital, Inc.	Architectural and Design Risk Management	Software Security Architecture and Design Risk Assessment and Management	Output Searchable Coverage	Available Available Planned
United States	Cigital, Inc.	Secure Code Review with Automated Tools	Security Code Assessment	Output Searchable Coverage	Available Available Planned
United States	Cigital, Inc.	Security Training and Awareness (various courses)	Software Security Training and Awareness Courses	Output Searchable Coverage	Available Available Planned
United States	Code Dx, Inc.	Code Dx Enterprise Edition	Software Vulnerability Assessment Tool	Output Searchable Coverage	Available Available Planned
United States	Code Dx, Inc.	Code Dx Standard Edition	Software Vulnerability Assessment Tool	Output Searchable Coverage	Available Available Planned
United States	David A. Wheeler	Flawfinder	Assessment Tool	Coverage Output Searchable
United States	Denim Group, Ltd	ThreadFix	Open Source Vulnerability Management Tool	Output Searchable Coverage
United States	EC-Council	EC-Council Certified Secure Programmer	Secure Programmer Certification Program	Output Searchable Coverage	Planned Planned No
United States	EMC Corporation and RSA (The Security Division of EMC)	EMC Product Security Policy (PSP)	Enterprise Policy for Secure Product Development	Output Searchable Coverage	Available Available No
United States	EMC Corporation and RSA (The Security Division of EMC)	EMC Security Development Lifecycle (SDL)	Enterprise Secure Development Lifecycle	Output Searchable Coverage	Available Available No
United States	EMC Corporation and RSA (The Security Division of EMC)	EMC Vulnerability Response Policy (VRP)	Enterprise Response Policy for Product Vulnerabilities	Output Searchable Coverage	Available Available No
United States	GrammaTech, Inc.	CodeSonar	Static Analysis Tool	Output Searchable Coverage
United States	IBM Rational	Rational AppScan Tester Edition	Development-Time Web Application Security Testing Tool	Output Searchable Coverage	Planned Planned Planned
United States	IBM Security Systems	IBM Security AppScan Enterprise	Enterprise Web Application Security Assessment Tool	Output Searchable Coverage	Planned Planned Planned
United States	IBM Security Systems	IBM Security AppScan Source	Source Code Testing Tool	Output Searchable Coverage	Available Available Available
United States	IBM Security Systems	IBM Security AppScan Standard	Web Application Security Assessment Scanner	Output Searchable Coverage
United States	Imagix Corporation	Imagix 4D, with Checklist for CWE	Static Analysis and Change Review Tool	Coverage Output Searchable
United States	IriusRisk	IriusRisk	SaaS Enterprise Threat Modeling platform	Coverage Output Searchable
United States	ISC2 The International Information Systems Security Certification Consortium	Certification of Software Lifecycle Personnel	Professional Certification	Output Searchable Coverage	Available Planned Planned
United States	KDM Analytics	Software Assurance Assessment	Software Assurance Assessment Service	Output Searchable Coverage	Available Available Planned
United States	KDM Analytics	Tool Output Integration Framework (TOIF)	Open Source Vulnerability Detection Platform	Output Searchable Coverage	Available Available Available
United States	Lucent Sky Corporation	Lucent Sky Application Vulnerability Mitigation (AVM)	Application Vulnerability Mitigation	Coverage Output Searchable
United States	Micro Focus Fortify	Micro Focus Application Defender	Real-Time Detection and Prevention of Attacks	Output Searchable Coverage
United States	Micro Focus Fortify	Micro Focus Fortify On Demand	Static and Dynamic Analysis and Results Reporting Service	Output Searchable Coverage
United States	Micro Focus Fortify	Micro Focus Software Security Center	Results Reporting	Output Searchable Coverage
United States	Micro Focus Fortify	Micro Focus Static Code Analyzer	Static Analysis and Results Reporting	Output Searchable Coverage
United States	Micro Focus Fortify	Micro Focus WebInspect	Dynamic Analysis Web Application Security Assessment Tool	Output Searchable Coverage
United States	National Institute of Standards and Technology (NIST)	Software Assurance Reference Dataset (SARD)	Web-based Software Security Assurance Application	Output Searchable Coverage
United States	Oversecured Inc	Oversecured	A SaaS-based mobile app vulnerability scanner	Coverage Output Searchable
United States	Parasoft Corporation	C/C++test	Static Code Analysis	Coverage Output Searchable
United States	Parasoft Corporation	dotTEST	Static Code Analysis	Coverage Output Searchable
United States	Parasoft Corporation	Jtest	Static Code Analysis	Coverage Output Searchable
United States	Programming Research, Inc.	QA*C - CWE Compliance Module for C Programming Language	Static Analysis of C code with advanced Data-flow/Control-flow/Cross-project and Multilanguage capabilities	Coverage Output Searchable
United States	Programming Research, Inc.	QA*CPP - CWE Compliance Module for C++ Programming Language	Source Code Static Analysis Product Suite	Output Searchable Coverage	Planned Planned Planned
United States	Red Hat, Inc.	Red Hat Customer Portal	Customer Assessment Service	Output Searchable Coverage
United States	SANS Institute	Secure Programming Exams/Assessments	Professional Secure Programming Examination	Output Searchable Coverage	Planned Planned Planned
United States	SD Elements	SDElements	Secure Application Lifecycle Management (SALM) Tool	Output Searchable Coverage	Available Available Available
United States	SkillBridge, LLC	Secure Application Development Training Courses	Instructor Led Training	Output Searchable Coverage	Planned Planned Planned
United States	SofCheck Inc.	SofCheck Inspector for Ada	Static Analysis and Fault Detection Tool	Searchable Output Coverage	Available Planned Planned
United States	Symantec Corporation	Symantec Product Security	Symmunize (Symantec's Secure Development Lifecycle Process)	Output Searchable Coverage	Available Available No
United States	Synopsys Inc.	Coverity	Static Application Security Testing	Coverage Output Searchable
United States	Synopsys Inc.	Seeker Interactive Application Security Testing (IAST)	Interactive Application Security Testing	Coverage Output Searchable
United States	Veracode, Inc.	Veracode Analytics	SAST, DAST, Manual Penetration Testing	Output Searchable Coverage
United States	Veracode, Inc.	Veracode Dynamic Analysis	SAST, DAST, Manual Penetration Testing	Output Searchable Coverage
United States	Veracode, Inc.	Veracode Manual Testing	SAST, DAST, Manual Penetration Testing	Output Searchable Coverage
United States	Veracode, Inc.	Veracode Static Analysis	SAST, DAST, Manual Penetration Testing	Output Searchable Coverage
United States	WebLayers, Inc.	WebLayers Center Security Policy Library	Software Development Lifecycle (SDLC) Governance	Output Searchable Coverage


	Site Map \| Terms of Use \| Manage Cookies \| Cookie Notice \| Privacy Policy \| Contact Us \| Use of the Common Weakness Enumeration (CWE™) and the associated references from this website are subject to the Terms of Use. CWE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and managed by the Homeland Security Systems Engineering and Development Institute (HSSEDI) which is operated by The MITRE Corporation (MITRE). Copyright © 2006–2024, The MITRE Corporation. CWE, CWSS, CWRAF, and the CWE logo are trademarks of The MITRE Corporation.

Common Weakness Enumeration

Sort By Country

Archived: