Add DevSecOps capabilities on SAM

[allanchua101]

It would be awesome to see some security capabilities embedded on SAM such as:

SAST commands for detecting OWASP-like threats such as SQL and NoSQL injections

# For people using DynamoDB and DocumentDB
sam sast -nosql

# For people using RDS aurora
sam sast -sql-injection 

SCA commands for analyzing function dependencies such as:

# For NodeJS devs
sam sca --nodejs

# For Python Devs
sam sca --python

Who benefits from this?

• For engineering teams working on FSI and regulated industries, this would be a big bargaining chip for them to start proposing advantage and ease of using native serverless tools such as SAM.
• For engineering teams who want to protect their workload without having to learn too much devops tooling.