S

SAST

Static Application Security Testing (SAST) checks your source code for known vulnerabilities.

Codequality jobs in pipelines https://docs.gitlab.com/ee/user/project/merge_requests/code_quality.html

SAST Analyzer based on SpotBugs and Find Sec Bugs.

AI Code Security — four agents that catch what SAST misses in AI-generated code. Built on GitLab Duo Agent Platform.

Collection of shell scripts packaged with SAST analyzers to enable post-analyzer integrations.

This project serves as a comprehensive reference implementation for enterprise DevSecOps practices, demonstrating how security, automation, and observability integrate seamlessly in modern cloud applications.

AI-powered security scanner that finds vulnerabilities and provides one-click fixes directly in GitLab merge requests. A reusable CI/CD Catalog component built with Google Cloud Vertex AI.

An end to end DevSecOps pipeline with features including SAST Scanning of the Source code, SBOM management, and Container image scan, before pushing to EKS.

Shiftleft CLI auto builder for Docker Hub

This repository is part of a master thesis featured on https://scrap.tantemalkah.at and highlights the evaluation of currently maintained F/LOSS static analysis tools for PHP.