SAST scan results
The SAST scanning engine uses AI and complementary technologies to improve detection accuracy and streamline result analysis.
Intelligent Code Analysis (ICA)
Static analysis scans apply Intelligent Code Analytics (ICA). ICA automatically discovers new application programming interfaces (API) and assesses them for security impact. Through ICA, all third-party API and frameworks are reviewed and assigned the correct security impact. This allows for more complete scan results. To learn more about ICA, see this article.
Intelligent Finding Analytics (IFA)
Fix groups
Static analysis assessments list findings by fix group. A fix group represents the most common node that grouped findings flow through. Typically, if a fix is implemented for a fix group, you can achieve the greatest effect for less work. A fix group can also be considered a logical grouping point wherein related findings can be reviewed at the same time. Note that a fix group may not be the exact place at which a fix should be placed. Future refactoring, code practices, and other factors might preclude using the fix group location for a fix.