Does anyone have a recommendation for a SAST / DAST scanning tool that supports a variety of languages (front end and backend), has minimal false positives, supports automation (via API or other), integrates with IDEs and integrates with GitLab?

Red Monitor
Engineering, Software
We are in the process of testing GitLab Ultimate. It has security features like SAST/DAST and fuzzing. I have also used Veracode in the past.
0 upvotes
Blue Cloud
Engineering, Software
DAST - Rapid7 AppSpider
DAST - SonarQube
0 upvotes
Red Processor
IT, Software
For SAST and IAST, I'd talk to Checkmarx. Then, if you want to layer on DAST, talk to Synopsys.
0 upvotes