Evaluate Auto Remediation support for SAST
Problem to solve
Auto Remediation automatically fix vulnerabilities.
It currently supports Dependency Scanning findings. We should add SAST results as well.
Target audience
- Sasha, Software Developer
- Sam, Security Analyst
Further details
We currently don't have solutions for SAST, so the first step is to find how to get this information.
Proposal
Provide patches for SAST vulnerabilities. Once done, everything should follow the same flow of the existing Auto Remediation feature.
What does success look like, and how can we measure that?
Number of SAST vulnerabilities fixed by Auto Remediation.
Edited by Philippe Lafoucrière