Open-source DAST or SAST tools

We'd recommend the open source DAST tool OWASP ZAP.  The scan frequency can be set to monthly, quarterly, or annually. As a best practice, we'd recommend setting this scan to occur as often as possible. Additional free DAST tools can be found here.


For an open source SAST tool, we'd recommend SonarCloud. Additional SAST tools can be found here

Was this article helpful?

Have more questions? Submit a request



Article is closed for comments.