# SentinelSAST — AI-Powered Security Testing Platform

**By 386 LLC** | [sentinelsast.com](https://sentinelsast.com)

## What is SentinelSAST?

SentinelSAST is an AI-powered Static Application Security Testing (SAST) platform. Unlike legacy scanners that rely on regex rules and pattern lists, SentinelSAST uses advanced AI reasoning to analyze code the same way a senior security engineer would.

Submit source code, upload a file, or provide a URL — get a complete security audit in under 60 seconds.

## Key Capabilities

- **AI-Powered SAST Engine** — Deep reasoning, not pattern matching
- **Live URL / Website Scanning** — Analyze live pages for headers, libraries, CORS, cookies, secrets
- **Memory Safety & Buffer Overflows** — C/C++ unsafe operations, bounds checks, integer overflows
- **Injection Flaw Detection** — SQL, command, template, LDAP injection, SSRF
- **Mobile Application Security** — iOS, Android, React Native, Flutter
- **OWASP Top 10 + CWE Mapping** — Compliance-grade reporting
- **SCA / Dependency Scanning** — package.json, requirements.txt, Gemfile, go.mod and more
- **PDF Report Generation** — Stakeholder-ready professional reports
- **Team Remediation Tracker** — Status tags, comments, audit trail

## Supported Languages

- **Web:** JavaScript, TypeScript, HTML, CSS, JSON, YAML
- **Backend:** Python, Java, PHP, Go, Ruby, Rust, C#
- **Systems:** C, C++
- **Mobile:** Swift (iOS), Kotlin (Android), React Native, Flutter/Dart
- **Data:** SQL, Bash/Shell, PowerShell

## Quick Start

1. Go to [sentinelsast.com/new-audit](https://sentinelsast.com/new-audit)
2. Choose: Paste Code, Upload File, or Scan URL
3. Click **Run Security Audit**
4. Review findings with severity ratings, CWE IDs, and AI-generated fixes

## API & Discovery

- API Catalog: `/.well-known/api-catalog`
- MCP Server Card: `/.well-known/mcp/server-card.json`
- Agent Skills: `/.well-known/agent-skills/index.json`
- OpenAPI Spec: `/.well-known/openapi.json`
- OAuth Metadata: `/.well-known/oauth-protected-resource`
