SAST is a method designed to detect security vulnerabilities within an application's source code. By analyzing the code structure, SAST identifies potential flaws early in the development cycle, promoting secure coding practices and reducing the risk of security issues in production.
Unlike dynamic testing, which examines an application at runtime, SAST relies on static code analysis. This early detection capability is crucial as it enables developers to address vulnerabilities before...
We're having success using the MEND SAST offering. The OWASP Foundation has an overview of some of the options: "Source Code Analysis Tools | OWASP Foundation".
@Ben Dyer thank you for the response and feel free to share more feedback about the product later, once you use it more extensively.
There is this new product from CodeEye Solutions called IRIS that brings all code risk management into one platform.
Check us out please: https://codeeyesolutions.com/S...