What is static application security testing (SAST)? Definition from WhatIs.com.

Static Application Security Testing (SAST) is a procedure that identifies application source code vulnerabilities early in the software development lifecycle (SDLC). This white box testing scans source code, bytecode and binaries within inactive applications, providing real-time feedback. SAST tools scan millions of lines of code quickly, enhancing code quality and can be automated. They also validate compliance with coding standards. However, challenges include the possibility of false positives and the inability to detect vulnerabilities outside the source code.