SAST
- SAST stands for Static Application Security Testing
- It is a methodology for finding security flaws in an application by analyzing its source code
- It is a white-box security testing methodology
In the SAST phase we are going to perform the scans below:

| Tools | Uses |
|---|---|
| SCA | Scan for security flaws in dependencies |
| Secret Scanning | Scan for sensitive information in the codebase |
| SAST | Scan for security flaws in the application code |