Difference between revisions of "Static Application Security Testing (SAST)"

From wikieduonline

Jump to navigation Jump to search

Revision as of 10:43, 15 March 2022

wikipedia:Static program analysis

Tools

GitLab Ultimate 10.3 https://docs.gitlab.com/ee/user/application_security/sast/ .gitlab-ci.yml or Auto SAST by Auto DevOps, support for many languages including C/C++ (flawfinder)
Coverity (2002) from Synopsys
Microfocus Fortify WebInspect
Flawfinder
Kubesec
SonarQube (2006-2007) open source
Veracode
GitHub https://docs.github.com/en/code-security/getting-started/securing-your-repository#configuring-code-scanning

Related terms

Application Security Testing (SAST, DAST, IAST): Fortify WebInspect, GitLab Ultimate, flawfinder, Kubesec, Coverity, SonarQube, SCA, Checkmarx
CodeQL

See also

SAST: Coverity, Fortify, Veracode, Thoma Bravo
Security: Security portfolio, Security standards, Hardening, CVE, CWE, Wireless Network Hacking, vulnerability scanner, Security risk assessment, SCA, Application Security Testing, OWASP, Data leak, NIST, SANS, MITRE, Security policy, Access Control attacks, password policy, password cracking, Password manager, MFA, OTP, UTF, Firewall, DoS, Software bugs, MITM, Certified Ethical Hacker (CEH) Contents, Security+ Malware, FIPS, DLP, Network Access Control (NAC), VAPT, SIEM, EDR, SOC, pentest, PTaaS, Clickjacking, MobSF, Janus vulnerability, Back Orifice, Backdoor, CSO, CSPM, PoLP, forensic, encryption, Keylogger, Pwn2Own, CISO, Prototype pollution

Retrieved from "https://www.wikieduonline.com/index.php?title=Static_Application_Security_Testing_(SAST)&oldid=123785"

Security

Advertising: