SAST tooling does static analysis to find security issues. Things like scanning for secret keys, sql injection attacks, etc.
Vendors/Solutions:
- https://semgrep.dev/
- https://checkmarx.com/cxsast-source-code-scanning/
- https://www.jit.io/
- https://snyk.io/product/snyk-code/
- https://www.mend.io/
Related:
- https://corgea.com/ - AI code submission to fix findings