S

SAST

Static Application Security Testing (SAST) checks your source code for known vulnerabilities.

A post-processor for computing the scope+offset fingerprint.

SAST Analyzer based on Semgrep

A project containing "vulnerable" code for testing GitLab SAST functionality.

SAST Analyzer for detecting leaked secrets

SAST Analyzer for Phoenix Elixir projects based on sobelow

SAST Analyzer based on SpotBugs and Find Sec Bugs.

GitLab Analyzer for Infrastructure as Code (IaC) projects that calls kics. This analyzer is written in Go using the command library shared by all analyzers.

SAST Analyzer for Salesforce Apex projects based on pmd

SAST Analyzer for Kubernetes manifests based on kubesec

Test project with: Language: Ruby

Test project with: Language: Ruby - Package Manager: Bundler - Framework : Rails