OWASP SAST is a set of guidelines, tools, and techniques for identifying vulnerabilities in software applications through static code analysis. SAST involves analyzing the source code or binary code of an application without executing it, to detect potential security flaws. OWASP provides a comprehensive framework for SAST, including a list of recommended tools, techniques, and best practices.
But semantically? They are asking for the most important shift in modern DevSecOps.
The engine maps all possible execution paths through the application. It tracks how data moves through conditional statements ( if/else ), loops, and function calls.