INTRODUCTION
OpenText Static Application Security Testing 26.1 is a structural release for enterprise AppSec programs. It expands language coverage, introduces AI-powered SAST, updates mobile and Python support, and changes how teams deploy and govern scanning infrastructure. For large organizations managing hundreds of applications, this release supports broader risk coverage, clearer governance, and better alignment between security tooling and modern delivery platforms.
WHY THIS RELEASE MATTERS FOR ENTERPRISE DEVSECOPS
Enterprise security leaders care about three outcomes: coverage, control, and delivery velocity. OpenText SAST 26.1 moves the platform forward on all three.
Strategic outcomes:
- Broader SAST coverage across modern, legacy, and scripting languages
- Improved governance and audit posture for mobile, IaC, and Ruby workloads
- Clearer separation of central and distributed scanning components
- Better alignment with current build tools and runtimes
EXPANDED LANGUAGE SUPPORT AND PYTHON 3.14
OpenText SAST 26.1 adds Python 3.14 support and expands coverage through its AI-powered engine.
Enterprise impact:
- Reduces blind spots in data pipelines, integration services, and internal tools
- Allows security testing to stay aligned with runtime upgrades
- Supports evidence-based risk approvals for platform modernization
Operational value:
- Developers upgrade Python without waiting on tooling changes
- CI pipelines remain stable during runtime transitions
- QA and DevSecOps teams avoid parallel pipelines per language version
AI-POWERED SAST FOR 12 ADDITIONAL LANGUAGES
The new AI-powered analyzer extends coverage to Ada, Bash, Delphi, Elixir, Erlang, Groovy, Lua, Perl, PowerShell, R, Ruby, and Rust.
Enterprise impact: