Feature Overview
Datadog Static Code Analysis (SAST) continuously detects vulnerabilities and provides suggested fixes early in the development cycle. By integrating directly into IDEs, pull requests, and CI/CD pipelines, Static Code Analysis helps developers tackle critical vulnerabilities without delaying delivery.
Secure code as it’s being written directly in your IDE
- Discover vulnerabilities in real time in your IDE and apply deterministic suggested fixes with a single click
- Manage rule configuration at both global and repository levels
- Detect vulnerabilities before code is committed using Git hooks
Catch and remediate vulnerabilities during code review
- Automatically flag vulnerabilities with pull request comments across Git repositories
- Fix vulnerabilities with one click by applying suggested fixes directly from inline pull request comments
- Accelerate scan times by scanning only the modified files in each commit
- Configure pull request comments by scan type, severity, and more on global and repository levels in Datadog
Automatically block new vulnerabilities with security gates
- Create and manage checks on every new pull request to your repositories
- Block new code vulnerabilities and license risks from reaching your production codebase
- Enforce security and quality standards across your organization
Centralize vulnerabilities from external sources in one place
- Upload SARIF results from external tools to Datadog for a consolidated view of vulnerabilities
- Triage vulnerabilities detected by third-party security vendors directly in Datadog
- Manage remediation workflows across teams without needing separate tools or dashboards