Getting Started with SAST/Secrets

The SOOS SAST/Secrets connector allows you to bring your own SAST tool and ingest the results with SOOS. Centralize your SAST results in the same dashboard as your SCA, SBOM, Container, and/or DAST results and leverage SOOS's issue management workflows for your SAST issues.

Ingesting SAST or Secret results is quick and easy, once you have an account there are a number of ways to run your first scan/ingest, from there you can add additional configurations and integrations.

First you'll need a trial account, follow Initial Account Creation to get set up.

The quickest way to run to ingest scan results is to run your SAST/Secrets tool and generated a SARIF file, then just drop the files into the File QuickScan.

Use the SAST/Secrets tab of the Integrations page to configure a scan and ingest using a script or CI/CD system.

SAST scans will appear on your Developer Dashboad as projects. Project names can be specified using the Script or CI/CD integration. If the project name corresponds to an existing project, the scan indicator will be used to show all scan types for the project. See Projects for more details on determining and switching scan types for a project.

Want the technical details? Check out or GitHub Readme it has all the details you'll need. You can also browse the full source of our SAST integration script under this same GitHub repo, if you're curious!

The SOOS Configuration System provides a highly flexible and overridable configuration system.

SOOS supports numerous Integrations, including Issue Management Integrations.