Question

SAST scans provide you the list of

A) Exploitable vulnerabilities
B) Code quality assurance
C) Both A and B
D) Potential code security flaws

Solution

Break Down the Problem

  1. Identify the purpose of SAST (Static Application Security Testing) scans.
  2. Determine what outputs or findings are generated by SAST scans.

Relevant Concepts

  1. SAST Purpose: SAST is a method to analyze source code for vulnerabilities without executing the program.
  2. Outputs of SAST: SAST scans typically generate reports that highlight security flaws and vulnerabilities in the source code.

Analysis and Detail

  1. Exploitable Vulnerabilities: SAST scans do help in identifying vulnerabilities that can be exploited.
  2. Code Quality Assurance: While SAST focuses primarily on security, it may also assist in enhancing code quality, but this is not its primary purpose.
  3. Potential Code Security Flaws: The primary output of SAST scans is to identify security flaws in the code, making this a core function of such scans.

Verify and Summarize

  • SAST scans predominantly provide a list of exploitable vulnerabilities and potential code security flaws.
  • While they can contribute to code quality, that is not explicitly their main function.

Final Answer

The correct answer is C) Both A and B, as SAST scans provide a list of exploitable vulnerabilities and potential code security flaws.
