Semgrep
SAST/DAST sast
Open Source
Open-source static code analysis
Platforms:
Linux, Windows, macOS
Prerequisites:
Python
Pros and Cons
Advantages
- Very fast and lightweight
- Customizable rules
- Open-source
- Support for 30+ languages
- Active rule-writing community
Disadvantages
- Requires initial configuration
- Fewer features than enterprise solutions
- Learning curve for custom rules
Use Cases
- Detecting vulnerabilities in code
- Enforcement of coding standards
- Automated code review
- Custom security rules