Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.
Training Camp • Cybersecurity Glossary
Analysis of the application source code for finding vulnerabilities without executing the application.
Static Source Code Analysis (SAST) Definition: Analysis of the application source code for finding vulnerabilities without executing the application.
Analysis of the application source code for finding vulnerabilities without executing the application. SAST is a security testing methodology that examines source code, bytecode, or binary code to identify security vulnerabilities without running the application. It uses automated tools to analyze code for patterns that indicate security weaknesses, coding errors, or non-compliance with secure coding standards. SAST is recommended in standards like OWASP SAMM, NIST SSDF, and ISO/IEC 27034 for application security. Organizations implement SAST through automated scanning tools integrated into development pipelines, analysis rulesets tailored to application risk, and processes for prioritizing and remediating findings. For example, a financial services company might implement SAST by integrating scanning tools into their CI/CD pipeline, automatically analyzing all code changes for security issues before they can be merged, with security-critical applications subject to more rigorous analysis rules and findings prioritized based on risk to sensitive financial data. Related terms: Security testing, Code analysis, Vulnerability detection, Secure SDLC, DevSecOps, Security bugs, Secure coding, CI/CD security.
Turn knowledge into credentials with our instructor-led cybersecurity boot camps.
View All Courses →