How combining generative AI with code scanning (SAST) enhances static application security testing
In a 2023 GitHub survey, developers reported that their top task, second only to writing code (32%), was finding and fixing security vulnerabilities (31%). With AI, there’s promise: 45% of developers think teams will benefit from using AI to facilitate security reviews. 75% of enterprise software engineers are expected to use AI coding assistants by 2028, according to Gartner.
GitHub’s CodeQL (SAST) code scanning autofix analyzes and suggests fixes for more than 90% of vulnerability types in JavaScript, TypeScript, Python, Java, C#, and Go.
Reference: GitHub