Static Code Analyzer for Visual Cobol?

I hope I'm in a good sub for this... I'm trying to find a static code analyzer for visual cobol that can scan against PCI security regulations. Has anyone run into this? The best option I've found so far would be Yasca, but I would have to define my own rule-set and I just don't know enough about cobol or PCI to do that. https://nox.tips/