What is SAST/Static application security testing?
Static application security testing is also known as SAST.
Static application security testing
SAST
In SAST, software artifacts are analyzed to uncover vulnerabilities during the coding and unit testing phases.
These tools primarily scan the source code, and may also look into the binaries and configuration files.
The important aspect is that these tests can be done without running the application.
Since static application security testing requires access to secure code, they are also known as white box testing