# Code Security (SAST)

### **Overview**

Xygeni's **Static Application Security Testing (SAST)** tool provides in-depth analysis of your source code to uncover security vulnerabilities and malicious patterns **before code is compiled or deployed**. By scanning source files directly, Xygeni ensures early detection of flaws that could be exploited in production, enabling secure-by-design software development practices.

Through integration with DevOps workflows and developer environments, Xygeni’s SAST scanner delivers actionable insights, prioritizes critical findings, and facilitates **quick remediation** based on secure coding guidelines and regulatory standards.

### **Protect Applications from Malicious Code and Vulnerabilities Early**

Modern applications often combine large volumes of custom code with third-party libraries. This increases the risk of hidden vulnerabilities or **intentionally inserted malicious logic**. Xygeni's SAST tool is built to uncover:

* Insecure functions and APIs (e.g., use of `eval()`, hardcoded credentials, or unsafe deserialization).
* Input validation flaws (e.g., XSS, SQL injection, command injection).
* Misuse of cryptographic functions.
* Data leakage risks due to improper handling of secrets.
* Suspicious patterns indicative of **malware or backdoors** in source files.

The scanner covers multiple languages and frameworks commonly used in web, backend, and cloud-native environments.
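As an added illustration of the finding categories listed above (this is not Xygeni's own code or rule set), the Python script below runs a small, hypothetical regex rule set over a constructed module that contains each weakness and over its hardened counterpart. Real SAST engines, Xygeni's included, work on syntax trees and data flow rather than on single lines, so the regexes here only show *what* gets flagged, not *how* a production scanner detects it; the rule names, sample code, and `scan_source` function are all assumptions made for the example.

```python
"""Added example: SAST-style pattern checks over a vulnerable and a hardened module."""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    rule_id: str
    pattern: re.Pattern
    message: str


# Hypothetical rule set for the example; production SAST uses AST/data-flow analysis.
RULES = [
    Rule("insecure-eval", re.compile(r"\beval\s*\("),
         "eval() on possibly untrusted input allows arbitrary code execution"),
    Rule("unsafe-deserialization", re.compile(r"\bpickle\.loads?\s*\("),
         "pickle deserializes arbitrary objects; untrusted input can run code"),
    Rule("hardcoded-credential",
         re.compile(r"""(?i)(password|passwd|secret|api_key|token)\s*=\s*["'][^"']+["']"""),
         "credential literal in source; move it to a secret store or environment"),
    Rule("sql-injection",
         re.compile(r"""\.execute\s*\(\s*(f"[^"]*\{|f'[^']*\{|"[^"]*"\s*[%+]|'[^']*'\s*[%+])"""),
         "SQL built by string formatting; use parameterised queries"),
    Rule("command-injection", re.compile(r"\bos\.system\s*\(|shell\s*=\s*True"),
         "shell command built from input; pass an argv list without a shell"),
    Rule("weak-hash", re.compile(r"\bhashlib\.(md5|sha1)\s*\("),
         "MD5/SHA-1 are collision-broken; use SHA-256 or better"),
]


def scan_source(source: str, rules=RULES) -> list[dict]:
    """Return one finding dict per (line, rule) hit; comment-only lines are skipped."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        for rule in rules:
            if rule.pattern.search(line):
                findings.append({"rule": rule.rule_id, "line": lineno,
                                 "text": stripped, "message": rule.message})
    return findings


# Constructed sample input: one weakness per function, as a scanner would see them.
VULNERABLE_SAMPLE = '''\
import os, pickle, hashlib
import sqlite3

DB_PASSWORD = "hunter2"                 # hardcoded credential

def load_session(blob):
    return pickle.loads(blob)           # unsafe deserialization

def find_user(cur, name):
    cur.execute(f"SELECT * FROM users WHERE name = '{name}'")  # SQL injection
    return cur.fetchone()

def run(cmd):
    os.system("ping " + cmd)            # command injection

def calc(expr):
    return eval(expr)                   # arbitrary code execution

def digest(data):
    return hashlib.md5(data).hexdigest()  # weak hash
'''

# Constructed hardened counterpart: same functions, each weakness removed.
HARDENED_SAMPLE = '''\
import os, json, hashlib, subprocess, ast
import sqlite3

DB_PASSWORD = os.environ["DB_PASSWORD"]   # secret read from the environment

def load_session(blob):
    return json.loads(blob)               # data-only format, no code execution

def find_user(cur, name):
    cur.execute("SELECT * FROM users WHERE name = ?", (name,))  # parameterised query
    return cur.fetchone()

def run(host):
    subprocess.run(["ping", "-c", "1", host], check=True)      # argv list, no shell

def calc(expr):
    return ast.literal_eval(expr)         # literals only, no code

def digest(data):
    return hashlib.sha256(data).hexdigest()
'''


if __name__ == "__main__":
    for name, src in (("vulnerable", VULNERABLE_SAMPLE), ("hardened", HARDENED_SAMPLE)):
        hits = scan_source(src)
        print(f"{name}: {len(hits)} finding(s)")
        for h in hits:
            print(f"  line {h['line']:>2} [{h['rule']}] {h['text']}")
```

Running the script reports six findings for the vulnerable module and none for the hardened one; the point of placing the two side by side is that each remediation (environment-sourced secret, data-only deserialization, parameterised query, argv-list subprocess, `literal_eval`, SHA-256) is the fix a scanner's finding should steer the developer towards.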

For more information regarding Code Security, refer to these sections:

* [Code Security User Interface Guide](https://docs.xygeni.io/xygeni-products/code-security-cs/cs-user-interface-guide)
  * [Risks (SAST)](https://docs.xygeni.io/xygeni-products/code-security-cs/cs-user-interface-guide/risks-sast)
  * [Malicious Code](https://docs.xygeni.io/xygeni-products/code-security-cs/cs-user-interface-guide/risks-sast/malicious-code)
* [Malware Scanner](https://docs.xygeni.io/xygeni-products/code-security-cs/malware-scanner)
* [SAST Scanner](https://docs.xygeni.io/xygeni-products/code-security-cs/ci-cd-scanner)
