Coming Soon

Bast

Pluggable Code Security

Lightweight static analysis that runs in your editor. Find vulnerabilities as you type, not after you deploy. Extensible rules engine for any security policy.

app.py
import os
import subprocess

def run_command(user_input):  # Command injection risk
    os.system(user_input)  # B605: shell injection

def run_safe(cmd, args):
    # Argument list with no shell, so args are not parsed as shell syntax
    subprocess.run([cmd] + args)

Real-Time Feedback

See security issues as you type. No waiting for CI builds or scheduled scans. Instant feedback in your editor.

Pluggable Rules

Write custom rules in YAML or Python. Share rules across teams. Import community rule packs.

Low False Positives

Context-aware analysis reduces noise. Taint tracking follows data flow. Smart severity scoring.

Blazing Fast

Written in Rust for maximum performance. Incremental analysis only re-scans changed code.

Write Rules Your Way

Simple YAML syntax for powerful security patterns

id: hardcoded-secret
message: Hardcoded secret detected
severity: HIGH
languages:
  - python
  - javascript
pattern: |
  $VAR = "$SECRET"
metavariable-regex:
  $SECRET: (api_key|secret|password).*
fix: Use environment variables instead

Works Where You Work

Native integrations for your favorite tools

VS Code
IntelliJ
Neovim
GitHub Actions
GitLab CI
CLI

Multi-Language Support

Python
JavaScript
TypeScript
Go
Rust
Java
C/C++
Ruby
PHP
C#
+15 more

Be First to Try Bast

Join our waitlist for early access. Get notified when we launch and receive exclusive beta features.

No spam. We'll only email you about Bast updates.