Scanning source code (no execution) for vulnerability patterns—increasingly augmented with AI to reduce false positives on legacy rule sets.
SAST tools flag injections, unsafe deserialization, and secret leaks by analyzing code structure. AI-enhanced SAST (Snyk Code, Semgrep Assistant) uses models to triage findings and suggest fixes.
