← Back to Landscape

#12DELIVERYSCAN

Code Scan (SAST)

Static security analysis

Medium

Overview

Automated scanning for security vulnerabilities in code before it's merged. Catches SQL injection, XSS, and common bugs.

Why It Matters

Find security issues before they ship. Catches SQL injection, XSS, and common vulnerabilities.

Implementation Pattern

1Choose scanning tools
2Integrate with CI
3Configure scan rules
4Set up automated PR comments

Tool Examples

These are examples, not endorsements. Choose what fits your context.

Semgrep

Bandit

ESLint Security

Dependencies

Requires (must have first)

•#5 Code Check-in

Enhanced by (more effective with)

•#6 Code Review

Enables (unlocks)

•#62 Vulnerability Tracking

Same Phase

Other capabilities in this pipeline phase

Quick Actions

View in Flow View full landscape Assess your platform

#11 LLM Failure Analysis

#13 Dependency Scan (SCA)