Static Application Security Testing (SAST)

From wikieduonline

(Redirected from Code-analysis)

Jump to navigation Jump to search

wikipedia:Static program analysis

Tools[edit]

GitLab Ultimate 10.3 https://docs.gitlab.com/ee/user/application_security/sast/ .gitlab-ci.yml or Auto SAST by Auto DevOps, support for many languages including C/C++ (flawfinder)
GitHub https://docs.github.com/en/code-security/getting-started/securing-your-repository#configuring-code-scanning
Coverity (2002) from Synopsys
Microfocus Fortify WebInspect
Flawfinder
Kubesec
SonarQube (2006-2007) open source
Veracode

Related terms[edit]

Application Security Testing (SAST, DAST, IAST): Fortify WebInspect, GitLab Ultimate, flawfinder, Kubesec, Coverity, SonarQube, SCA, Checkmarx
CodeQL

See also[edit]

SAST: Coverity, Fortify, Veracode, Thoma Bravo
Security: Security portfolio, Security standards, Hardening, CVE, CWE, Wireless Network Hacking, vulnerability scanner, Security risk assessment, SCA, Application Security Testing, OWASP, Data leak, NIST, SANS, MITRE, Security policy, Access Control attacks, password policy, password cracking, Password manager, MFA, OTP, UTF, Firewall, DoS, Software bugs, MITM, Certified Ethical Hacker (CEH) Contents, Security+ Malware, FIPS, DLP, Network Access Control (NAC), VAPT, SIEM, EDR, SOC, pentest, PTaaS, Clickjacking, MobSF, Janus vulnerability, Back Orifice, Backdoor, CSO, CSPM, PoLP, forensic, encryption, Keylogger, Pwn2Own, CISO, Prototype pollution

Retrieved from "https://www.wikieduonline.com/index.php?title=Static_Application_Security_Testing_(SAST)&oldid=167974"

Security

Advertising: