jfrog / frogbot

🐸 Scans your Git repository with JFrog Xray for security vulnerabilities. 🤖
https://docs.jfrog-applications.jfrog.io/
Apache License 2.0
305 stars 72 forks source link

Question #675

Open Sof0-0 opened 7 months ago

Sof0-0 commented 7 months ago

Hello! I am researching on the JFrog XRay functionality for the SAST.

And I could not find any information on how JFrog XRay is performing its scans. Does it build out the whole environment in the DB format and then performs quering on it or builds a tokenized tree?

What is the operational procedure for it?

I would appreciate it!

orz25 commented 7 months ago

Hey @Sof0-0,

Thank you for your interest in our product! You can find all the information about our SAST capability in the following links:

  1. https://jfrog.com/sast/
  2. https://jfrog.com/blog/build-trust-release-code-with-confidence-with-jfrog-sast/
eranturgeman commented 5 months ago

Hello @Sof0-0 Did the provided documentations answered your question? If you have any further information you require please let us know. If it fully answered your question- can I close this ticket? :)