Machine learning has certainly stirred up the field of static code analysis. Using high volumes of available open source code to train, inform, and optimize analyzers for static application security testing (SAST) has broken new ground to the point of disruption. But does it tackle the on-going problems with speed and accuracy that have kept static tools from being embedded in the developer workflow? In this talk, we’ll review developments in the space, provide a look into the near future of innovation, and share ways for today’s practitioners to use what is available and prepare their organizations for what is to come.