How to run SAST Scan

Modified on Wed, 9 Oct at 10:35 AM


Introduction


Static Application Security Testing (SAST) identifies vulnerabilities within your source code. This guide details how to initiate and complete a SAST scan using version control platforms like GitHub, GitLab, and Bitbucket. 


Prerequisites:


  1. You should be signed in with CloudDefense.ai. If not, please refer to our guide on creating a CloudDefense.ai account.


  1. Access to a repository on version control platforms that you wish to scan. Ensure you have administrative privileges to configure scans. 



Step 1:  Click on  “Applications” on Navbar.


Step 2: Click the green “SCAN” button on the left side of the page, and choose a version control platform, here we will choose “GitHub” to proceed further.




Scan Public Repositories : 


Step 1: Add Repositories 


 Follow this flow 

       

  • Input the URL of the repository or repositories you want to scan.
  • Press “Enter” on keyboard
  • Select the branches for the scan from the list that appears after clicking on “Select branch” .
  • Press the green Scan repo button to begin scanning the selected repositories.





Identify SAST report 


To identify the results of your SAST scan, use the dropdown menu on the left side of the scanned application. This list includes all types of analysis available. For SAST scans, refer the following image,





Step 3: Review the Results


Once your scan is complete, the interface will display a summary of the findings. To delve deeper into the specific vulnerabilities identified during the scan, click on the name of your project (e.g., "vulnado-test"). This action will take you to a detailed overview of each finding.


For a comprehensive understanding of your SAST scan results, please visit the Results page.



To know how to scan private repos, please visit here  

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article