SAST maturity: viable

This issue collects all the improvements that will make SAST category to be viable.

See https://about.gitlab.com/handbook/product/categories/maturity/#secure for more information.

The scope of this issue is to track, discuss, and validate which are conditions that will make this category viable.

In the description (and related issues) there are current known requirements that a couple of big customers pointed as "required to justify using your product", that I feel is quite aligned with what you suggested in your previous comment. Still not a replacement, but actual usage.

Having a public issue has the value to allow anyone (customers, community, internal users), to jump in and add their thoughts, helping us with the validation process.

Goals to be considered viable:

1. support for the most common languages and projects
2. results available in the Group Security Dashboard