Improve Advanced SAST Adoption
## Overview
This epics outlines the strategy for improving the onboarding experience of Advanced SAST and making it more obvious to existing customers when Advanced SAST is not enabled.
## Goals
Improve the percentage of customers adopting Advanced SAST as their primary SAST analyzer
We will do this by:
1. Ensuring that new customers always start their SAST journey with Advanced SAST, instead of Semgrep
2. Improving user visibility of whether or not Advanced SAST is enabled
## Sec Section Objective
**Improve Security Scanners Detection Quality and Speed**
## Target Metrics
1. Advanced SAST has become the default analyzer in every workflow that enables SAST
2. Advanced SAST adoption over Semgrep improves significantly by the end of FY27
1. Current metric: 37% of GitLab customers who use SAST are using Advanced SAST
2. Target metric: 60% of GitLab customers who use SAST are using Advanced SAST
## Feature Scope
**Feature scope - Required**
1. When a customer creates a new Project in GitLab, let's make the SAST enablement option use Advanced SAST
1. Dependency: Growth
**Feature scope - Nice to have**
1. Add visual indicators in GitLab's UI to make it obvious when a customer is a SAST analyzer that is not Advanced SAST
1. TBD on scope
## Cross-team dependencies
Insights team - visual indicator to encourage migration to GLAS
<!--triage-serverless v3 PLEASE DO NOT REMOVE THIS SECTION-->
> [!important]
>
> This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.
<!--triage-serverless v3 PLEASE DO NOT REMOVE THIS SECTION-->
epic