The SolarWinds attack led to a reevaluation of who is responsible for security in software supply chain. Developers have been evaluated on how quickly they could code, with security being either afterthought or someone else’s responsibility. Static application security testing (SAST) tools and DAST tools have the ultimate goal of making code more secure. SAST tools analyze the source code of programs and applications still under development. They can also look for vulnerabilities to the most prevalent attacks in specific industries like finance or retail.”]
Source: https://www.csoonline.com/article/3452416/top-sast-and-dast-tools.html