
Static analysis to drive better, continuous security education.

Design

SASTisfaction is a static application security testing (SAST) tool used to create and deliver security education for developers. SASTisfaction is a GitHub App that scans pull requests with semgrep. The scan findings are used to write security educational material, posted as a peer-review comment on the PR.


This makes it possible to

  • reach developers quickly, from inside GitHub where they already work
  • teach with real-world examples taken from their own code
  • monitor how code changes over the long term

SASTisfaction scans for a few things right now:

  • potentially harmful APIs, libraries and programming patterns
  • poor configuration options of the Django and Rails web frameworks
  • secrets checked into GitHub
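An added example of what such checks look like in semgrep's rule format, covering the three categories above (a Django setting, a Rails setting and a committed secret). These rules are constructed for illustration and are not SASTisfaction's own rule set; the `message` field is the text a reviewer comment would carry.

```yaml
# Constructed example rules (not SASTisfaction's own) in semgrep rule syntax.
rules:
  - id: django-debug-enabled
    languages: [python]
    severity: WARNING
    paths:
      include:
        - settings.py
        - "settings/*.py"
    # Literal assignment in a Django settings module.
    pattern: DEBUG = True
    message: >-
      DEBUG = True makes Django render full tracebacks, local variables and
      settings values to anyone who triggers an error. Keep DEBUG off in any
      deployed settings module and derive it from the environment instead,
      e.g. DEBUG = os.environ.get("DJANGO_DEBUG") == "1".
    metadata:
      category: misconfiguration
      framework: django

  - id: rails-force-ssl-disabled
    languages: [ruby]
    severity: WARNING
    paths:
      include:
        - config/environments/production.rb
    pattern: config.force_ssl = false
    message: >-
      force_ssl = false lets production traffic, including session cookies,
      travel over plain HTTP. Set config.force_ssl = true so Rails redirects
      to HTTPS and flags cookies as Secure.
    metadata:
      category: misconfiguration
      framework: rails

  - id: hardcoded-aws-access-key-id
    # "generic" mode lets one regex rule cover every file type in the PR.
    languages: [generic]
    severity: ERROR
    pattern-regex: '\bAKIA[0-9A-Z]{16}\b'
    message: >-
      This looks like an AWS access key ID committed to the repository. Treat
      it as exposed: rotate it in IAM, remove it from the code and history,
      and load credentials from the environment or a secrets manager instead.
    metadata:
      category: secrets
```

Running `semgrep --config rules.yml` against a checkout reproduces the findings locally, so a developer can confirm a comment before pushing a fix.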