Automated Static Application Security Testing are automation tests that review the code base for vulnerabilities, usually as part of the CI pipeline or locally via an IDE integration of a SAST tool. For example, base code is checked for mishandling of user input that could allow template injection or sql query injection. SAST tools may also suggest the developer mitigation solution like deserializing untrusted user input.