From 086c07f0988a0f37a5e4d2ec538cb9e93167f97c Mon Sep 17 00:00:00 2001 From: AppSec Santa <93403487+appsecsanta@users.noreply.github.com> Date: Fri, 20 Feb 2026 16:50:59 +0200 Subject: [PATCH 1/3] Add SAST tools comparison reference --- .../2-3-1-1-Static-Application-Security-Testing.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/current-version/2-Process/2-3-Build/2-3-1-Static-Analysis/2-3-1-1-Static-Application-Security-Testing.md b/current-version/2-Process/2-3-Build/2-3-1-Static-Analysis/2-3-1-1-Static-Application-Security-Testing.md index 946e125..730b259 100644 --- a/current-version/2-Process/2-3-Build/2-3-1-Static-Analysis/2-3-1-1-Static-Application-Security-Testing.md +++ b/current-version/2-Process/2-3-Build/2-3-1-Static-Analysis/2-3-1-1-Static-Application-Security-Testing.md @@ -50,3 +50,5 @@ So according to the above lines the possible actions in this step are as follows ### Links [^1]: Listed in alphabetical order. + +- [AppSec Santa — SAST Tools Comparison](https://appsecsanta.com/sast-tools) - Independent comparison of 30+ SAST tools From 79c664c301495bf7547cedebadeccedf98960b23 Mon Sep 17 00:00:00 2001 From: AppSec Santa <93403487+appsecsanta@users.noreply.github.com> Date: Fri, 20 Feb 2026 16:51:08 +0200 Subject: [PATCH 2/3] Add DAST tools comparison reference --- .../2-4-Test/2-4-2-Dynamic-Application-Security-Testing.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/current-version/2-Process/2-4-Test/2-4-2-Dynamic-Application-Security-Testing.md b/current-version/2-Process/2-4-Test/2-4-2-Dynamic-Application-Security-Testing.md index 1a7df3d..ac1a8c2 100644 --- a/current-version/2-Process/2-4-Test/2-4-2-Dynamic-Application-Security-Testing.md +++ b/current-version/2-Process/2-4-Test/2-4-2-Dynamic-Application-Security-Testing.md 
@@ -41,3 +41,5 @@ DAST tools allow for extensive scans from the client side and server side withou - [RAPID7 - Dynamic Application Security Testing](https://www.rapid7.com/fundamentals/dast/) [^1]: Listed in alphabetical order. + +- [AppSec Santa — DAST Tools Comparison](https://appsecsanta.com/dast-tools) - Independent comparison of DAST tools with features and alternatives From 84dbd968ed51c66acb7e4df8f7b0b71e6d57af94 Mon Sep 17 00:00:00 2001 From: AppSec Santa <93403487+appsecsanta@users.noreply.github.com> Date: Fri, 20 Feb 2026 16:51:16 +0200 Subject: [PATCH 3/3] Add SCA tools comparison reference --- .../2-3-2-1-Software-Composition-Analysis.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/current-version/2-Process/2-3-Build/2-3-2-Software Composition Analysis/2-3-2-1-Software-Composition-Analysis.md b/current-version/2-Process/2-3-Build/2-3-2-Software Composition Analysis/2-3-2-1-Software-Composition-Analysis.md index 04cc33b..fde7b5e 100644 --- a/current-version/2-Process/2-3-Build/2-3-2-Software Composition Analysis/2-3-2-1-Software-Composition-Analysis.md +++ b/current-version/2-Process/2-3-Build/2-3-2-Software Composition Analysis/2-3-2-1-Software-Composition-Analysis.md @@ -69,3 +69,5 @@ Supply chain attacks involve exploiting vulnerabilities in the interconnected ne - [SBOM - OWASP](https://owasp.org/www-community/Component_Analysis#software-bill-of-materials-sbom) [^1]: Listed in alphabetical order. + +- [AppSec Santa — SCA Tools Comparison](https://appsecsanta.com/sca-tools) - Independent comparison of SCA tools with features and alternatives
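Review bot: in PATCH 1/3 (`2-3-1-1-Static-Application-Security-Testing.md`) the new bullet is appended after the footnote definition `[^1]: Listed in alphabetical order.`, so it sits below the footnote instead of directly under `### Links`. Put the entry between the `### Links` heading and the footnote line so the footnote stays the last line of the file. The "30+" figure in the description will go stale as the linked page changes; a count-free description would age better.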
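Review bot: in PATCH 2/3 (`2-4-2-Dynamic-Application-Security-Testing.md`) the added entry breaks the ordering the file itself declares: the context footnote says "Listed in alphabetical order", yet "AppSec Santa" is placed after the `[RAPID7 - Dynamic Application Security Testing]` entry and after the footnote. Insert it at its alphabetical position in the list above the footnote. The link text also uses an em dash as separator where the neighbouring entry uses " - "; match the existing style.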
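Review bot: in PATCH 3/3 (`2-3-2-1-Software-Composition-Analysis.md`) the added line describes the target as an "Independent comparison", but the `From:` header of all three commits and the linked domain `appsecsanta.com` name the same party, so the series is a self-submitted reference. Say so in the commit message and drop the "Independent" wording, or leave the description off as the neighbouring `[SBOM - OWASP]` entry does, so maintainers can judge the link on its content. As in the other two patches, the bullet lands after the `[^1]` footnote rather than in the link list above it.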