From 3cfcfcc9d76f68d5c64bb0c413c4baf35f959538 Mon Sep 17 00:00:00 2001 From: Cole Maring Date: Mon, 15 Jun 2026 13:14:50 -0400 Subject: [PATCH] add agentic Bits AI docs --- .../code_security/static_analysis/ai_enhanced_sast.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/content/en/security/code_security/static_analysis/ai_enhanced_sast.md b/content/en/security/code_security/static_analysis/ai_enhanced_sast.md index 4d433ec134d..bdc6a458c0e 100644 --- a/content/en/security/code_security/static_analysis/ai_enhanced_sast.md +++ b/content/en/security/code_security/static_analysis/ai_enhanced_sast.md @@ -143,6 +143,12 @@ To narrow down your initial list for triage, in [Vulnerabilities][6], select **F Each finding includes a section with an explanation of the assessment. You can provide Bits AI with feedback on its assessment using a thumbs up 👍 or thumbs down 👎. {{< img src="/code_security/static_analysis/false_positive_filtering_sast_side_panel_higher_res_png.png" alt="Visual indicator of a false positive assessment in SAST side panel" style="width:100%;">}} +### Agentic Bits AI assessments + +For supported SAST rules, Bits AI Assessments use an agentic approach to gather repository context before classifying findings. Bits AI can read related files and search for symbols and patterns. It can also inspect nearby directory structure to verify definitions, call paths, sanitizers, and framework wiring that are not visible in a single file. + +This extra context helps Bits AI distinguish true positives from false positives for findings that depend on cross-file behavior. Agentic Bits AI Assessments apply to SAST findings only. + ## Remediation Datadog SAST uses the [Bits Code][10] to generate code fixes for vulnerabilities. You can remediate individual vulnerabilities or fix multiple vulnerabilities using bulk remediation campaigns.