Scan Code for Vulnerabilities

Description

Static code analysis tools can discover vulnerabilities inside your code before they make their way to production. Jit integrates SAST into CI/CD via tools that automatically perform a full scan of your repositories after activation. Scans are also initiated for every subsequent pull request.

Stack layerSecurity domainSecurity tool initiated by this item
Application SecurityStatic code scanning (SAST)Gosec for Golang
Semgrep for JS, Java, TS, Scala, Kotlin, and Python