All integrations
SAST

SAST Integrations — Static Code Analysis

Static analysis findings are only actionable when they reach the team that owns the code — with the source file, the line, and the fix point. Centraleyezer imports SAST results from HCL AppScan on Cloud and AppScan 360 complete with call traces and best-fix-point markers, and scores them alongside your DAST and infrastructure findings so code-level risk competes fairly for remediation attention.

2 available now4 on the roadmap

HCL AppScan on Cloud

DASTSAST

HCL AppScan on Cloud (ASoC) — dynamic web application testing and static source code analysis imported over the ASoC API with an API key. XML report import also supported.

Integration guide

HCL AppScan 360

DASTSAST

HCL AppScan 360 self-managed platform — DAST and SAST results imported over the same AppScan REST API, pointed at your own AppScan 360 deployment.

Integration guide

Snyk Code

RoadmapSASTSCA

Snyk SAST and SCA findings import covering static code analysis (Snyk Code) and open-source dependency vulnerabilities (Snyk Open Source).

Semgrep

RoadmapSAST

Semgrep static analysis findings for custom and community rule sets. Covers security anti-patterns, hardcoded secrets, and OWASP Top 10 code-level issues.

Checkmarx

RoadmapSAST

Checkmarx SAST scan result import covering source code vulnerabilities, data flow analysis, and OWASP/SANS classification.

Fortify SAST (OpenText)

RoadmapSAST

OpenText Fortify Static Code Analyzer scan results — covers 800+ vulnerability categories across 27+ programming languages.

Ready to connect your stack?

Book a demo and we'll walk through exactly how Centraleyezer fits into your existing tools.

SAST Integrations — Static Code Analysis