Module 8: Static Analysis (SAST) What Analyzing source code or binaries without execution. Benefits Early vulnerability detection. Integrates into CI/CD. Challenges False positives. Tool configuration required. Examples SonarQube, Semgrep, CodeQL.