diff --git a/dso/model.py b/dso/model.py
index a116a9447..96f35baea 100644
--- a/dso/model.py
+++ b/dso/model.py
@@ -13,6 +13,17 @@
 import unixutil.model
 
 
+class ComponentContext(enum.StrEnum):
+    INTERNAL = 'internal'
+    PUBLIC = 'public'
+
+
+class SastStatus(enum.StrEnum):
+    LOCAL_LINTING = 'local-linting'
+    NO_LINTING = 'no-linting'
+    CENTRAL_LINTING = 'central-linting'
+
+
 @dataclasses.dataclass
 class ScanArtifact:
     name: str
@@ -24,6 +35,7 @@ class ScanArtifact:
 class Datasource:
     ARTEFACT_ENUMERATOR = 'artefact-enumerator'
     BDBA = 'bdba'
+    CM06 = 'cm06'
     CHECKMARX = 'checkmarx'
     CLAMAV = 'clamav'
     CC_UTILS = 'cc-utils'
@@ -43,6 +55,11 @@ def datasource_to_datatypes(datasource: str) -> tuple[str]:
                 Datatype.STRUCTURE_INFO,
                 Datatype.RESCORING,
             ),
+            Datasource.CM06: (
+                Datatype.ARTEFACT_SCAN_INFO,
+                Datatype.SAST_FINDING,
+                Datatype.RESCORING,
+            ),
             Datasource.CHECKMARX: (
                 Datatype.CODECHECKS_AGGREGATED,
             ),
@@ -193,6 +210,7 @@ class Datatype:
     LICENSE = 'finding/license'
     VULNERABILITY = 'finding/vulnerability'
     MALWARE_FINDING = 'finding/malware'
+    SAST_FINDING = 'finding/sast'
     DIKI_FINDING = 'finding/diki'
     CODECHECKS_AGGREGATED = 'codechecks/aggregated'
     OS_IDS = 'os_ids'
@@ -209,6 +227,7 @@ def datatype_to_datasource(datatype: str) -> str:
             Datatype.CODECHECKS_AGGREGATED: Datasource.CHECKMARX,
             Datatype.MALWARE_FINDING: Datasource.CLAMAV,
             Datatype.DIKI_FINDING: Datasource.DIKI,
+            Datatype.SAST_FINDING: Datasource.CM06,
         }[datatype]
 
 
@@ -355,6 +374,16 @@ def key(self) -> str:
         return self.finding.key
 
 
+@dataclasses.dataclass(frozen=True)
+class SastFinding(Finding):
+    sast_statuses: list[SastStatus] | SastStatus
+    component_context: ComponentContext
+
+    @property
+    def key(self) -> str:
+        return f'{self.component_context}|{self.sast_statuses}'
+
+
 @dataclasses.dataclass(frozen=True)
 class DikiCheck:
     message: str
@@ -410,6 +439,7 @@ class CustomRescoring:
         RescoringVulnerabilityFinding
         | RescoringLicenseFinding
         | MalwareFindingDetails
+        | SastFinding
     )
     referenced_type: str
     severity: str
@@ -498,6 +528,7 @@ class ArtefactMetadata:
         | LicenseFinding
         | VulnerabilityFinding
         | ClamAVMalwareFinding
+        | SastFinding
         | DikiFinding
         | CodecheckSummary
         | OsID