A Scientific Review of the Concept of SAST (Static Application Security Testing)


  • Amit Saxena


The Static Application Security Testing (SAST) technique examines source code, byte code, assembly code, etc. to look for vulnerabilities that could endanger the security of software that is under development. It is an automated testing method that examines code for flaws without actually running the code under test. It is a type of white box testing technique that is carried out prior to code compilation. This is advantageous because all errors found during testing can be addressed before the code is compiled, saving time and resources. It functions as a tool used throughout the software development life cycle, with the goal of finding flaws while the software is still being built in the development environment. It is popular with programmers because it enables them to find almost all significant flaws by examining their own code before it is produced. By doing this, developers are able to fix errors and improve the code's effectiveness at guarding against vulnerabilities. The paper covers the advantages and drawbacks of the SAST technique, as well as its working mechanism.