Evaluate Auto Remediation support for SAST
Problem to solve
Auto Remediation automatically fixes vulnerabilities.
It currently supports Dependency Scanning findings. We should add SAST results as well.
- Sasha, Software Developer
- Sam, Security Analyst
We currently don't have solutions for SAST, so the first step is to find out how to get this information.
Provide patches for SAST vulnerabilities. Once done, everything should follow the same flow of the existing Auto Remediation feature.
What does success look like, and how can we measure that?
Number of SAST vulnerabilities fixed by Auto Remediation.