Static Application Security Testing (SAST)

Static Application Security Testing (SAST) analyzes your source code, configuration files, and infrastructure-as-code to detect potential security vulnerabilities. SAST helps identify unsafe coding patterns, hardcoded secrets, injection risks, insecure APIs, and other issues early in development.

Codeac combines security checks with code quality analysis, helping you keep your code clean and secure.

Codeac integrates the following security analysis tools to help you catch vulnerabilities early:

• Ansible Linter
• Bandit
• CloudFormation Linter
• Ethlint
• Hadolint
• Kube-Score
• Kubeval
• OSV Scanner
• TFSec
• TFlint
• Security Code Scan (get in touch with us)
• Bundler Audit (get in touch with us)

If you're missing your favourite tool, just let us know at support@codeac.io. We may already have it in beta version.