![img of .Net static code analysis in Azure DevOps with Security Code Scan](/_astro/a00e1d922c9d482e8ca3287e61efdbd5.dl_9b5nA_Z1lfadU.webp)
4 min read
Security You've probably heard about other SAST tools like SonarQube, but since Security Code Scan is a lesser known tool I'll start off with a list of reasons why you might consider using it.
You've probably heard about other SAST tools like SonarQube, but since Security Code Scan is a lesser known tool I'll start off with a list of reasons why you might consider using it.
Have you ever wondered if your dependency scanning is checking for vulnerabilities beyond your immediate package references?