DevOps.com

  • Latest
    • Articles
    • Features
    • Most Read
    • News
    • News Releases
  • Topics
    • AI
    • Continuous Delivery
    • Continuous Testing
    • Cloud
    • Culture
    • DataOps
    • DevSecOps
    • Enterprise DevOps
    • Leadership Suite
    • DevOps Practice
    • ROELBOB
    • DevOps Toolbox
    • IT as Code
  • Videos/Podcasts
    • Techstrong.tv Podcast
    • Techstrong.tv - Twitch
    • DevOps Unbound
  • Webinars
    • Upcoming
    • Calendar View
    • On-Demand Webinars
  • Library
  • Events
    • Upcoming Events
    • Calendar View
    • On-Demand Events
  • Sponsored Content
  • Related Sites
    • Techstrong Group
    • Cloud Native Now
    • Security Boulevard
    • Techstrong Research
    • DevOps Chat
    • DevOps Dozen
    • DevOps TV
    • Techstrong TV
    • Techstrong.tv Podcast
    • Techstrong.tv - Twitch
  • Media Kit
  • About
  • Sponsor
  • AI
  • Cloud
  • CI/CD
  • Continuous Testing
  • DataOps
  • DevSecOps
  • DevOps Onramp
  • Platform Engineering
  • Sustainability
  • Low-Code/No-Code
  • IT as Code
  • More
    • Application Performance Management/Monitoring
    • Culture
    • Enterprise DevOps
    • ROELBOB
Hot Topics
  • Cisco Acquires Splunk to Create Observability Powerhouse
  • Nobl9 Unfurls Reliability Center for Managing SLOs
  • Harness Launches Open Source Gitness Platform
  • Documentation as Code: A Game Changer for DevOps Teams?
  • Innersourcing Open Source Principles in the Enterprise

Tag: SAST

Security AppSec Managing cloud security

The Security Pipeline

Avatar photoDon Macvittie | June 21, 2023 | agile, container image scanning, DAST, devsecops, IAST, SAST, SBoM, SCA, security, security integration
Over the last few years, the ability to secure our applications has grown, and deep integration into the DevOps toolchain has, too. There are more tools doing more security checks protecting more ...
syslogs HashiCorp Checkmarx Synopsys Cycode CodeLogic scanning Contrast Security secrets scan dynamic

Checkmarx Brings Generative AI to SAST and IaC Security Tools

Avatar photoMike Vizard | May 31, 2023 | ChatGPT, Checkmarx, generative AI, IaC, ides, SAST, vulnerability scanning
Under an early access program, Checkmarx today made available query builder and guided automation tools that take advantage of OpenAI's generative artificial intelligence (AI) technologies to make it simpler for developers to ...
Mobb antipattern DevOps

Mobb Launches Community Edition of Automated Remediation Tool

Avatar photoMike Vizard | April 17, 2023 | appsec, code scanning, Mobb, SAST, vulnerabilities, vulnerability scanning
Mobb today made available a free community edition of a namesake tool that creates fixes to open source vulnerabilities. The fixes are based on the results of code scanning by a static ...
code, exercised, negative, testing, CI/CD SAST productivity product organizations development testing devops compliance developers Shortcut testing QA PractiTest Mabl

A Seven Point Checklist for Getting SAST Right

Avatar photoMark Hermeling | March 24, 2023 | code security, product security, SAST, software quality, Static Application Security Testing
With so many physical products—from automobiles to airplanes and medical devices to industrial control systems—now being driven by software, product security has become a top-level concern for manufacturers. Software flaws can not ...
software supply chains Google supply chain

Addressing Software Supply Chain Security

Avatar photoTomislav Pericin | March 15, 2023 | DAST, SAST, SCA, Software Supply Chain, software supply chain attacks, Software Supply Chain Security
It’s essential for organizations to learn more about the software supply chains they rely on and the steps needed to secure them. In just the past few years, we have seen a ...
ZAP Menlo Security - cloud security

Update to Open Source ZAP Tool Improves DAST Performance

Avatar photoMike Vizard | November 1, 2022 | attack proxy, DAST, devsecops, OWASP, SAST, ZAP
An update to the OWASP Zed Attack Proxy (ZAP) open source dynamic application security testing (DAST) tool made available today improves performance by employing a multi-threaded passive scanner engine. Version 2.12.0 of ...
SAST time DevSecOps SAST DAST code

Three Ways to Speed up SAST

Avatar photoMark Hermeling | October 25, 2022 | application development, application testing, DecSecOps, embedded software, SAST
In modern, continuous software development life cycle (SDLC) processes, when code is written and before it’s committed to the repository, it’s run through testing, which may include unit testing, regression testing or ...
syslogs HashiCorp Checkmarx Synopsys Cycode CodeLogic scanning Contrast Security secrets scan dynamic

Cycode Expands Scope of AppDev Security Platform

Avatar photoMike Vizard | August 11, 2022 | code scanning, Cycode, graph database, SAST, SCA
At the Black Hat USA 2022 conference, Cycode this week announced it has added static application security testing (SAST) and container scanning capabilities to its software composition analysis (SCA) platform that is based ...
SAST time DevSecOps SAST DAST code

Turning Off DevSecOps Noise for Functional Fidelity

Avatar photoWaqas Nazir | July 6, 2022 | application security, code scanning, DAST, IAST, SAST
Analyzing the DevOps and DevSecOps software marketplace demonstrates the high demand for tools and platforms that reduce false positives. As businesses and organizations adopt a rigorous, disciplined software development life cycle and ...
Agile documentation jobs password DevSecOps learning DevOps

Quick! Define DevSecOps: Let’s Call it Development Security

Avatar photoDon Macvittie | June 29, 2022 | Agile Security, DAST, devsecops, IAST, SAST, Security scanning
For a good long while, DevSecOps referred specifically to vendors like Veracode that did static application security scanning, dynamic application security scanning, software composition analysis and some form of runtime monitoring (usually ...
Gremlin EU open source Cyber Resilience Act Mend whitesource

WhiteSource Becomes Mend, Launches Automated Remediation Platform

Avatar photoMike Vizard | May 25, 2022 | code scanning, Mend, SAST, SCA, supply chain, WhiteSource
WhiteSource rechristened itself Mend today and launched a remediation platform that automatically resolves security issues for application developers. Rami Sass, co-founder and CEO of Mend, said now the company is going beyond ...
TestOps Shift left testing - DevOps - Open Mainframe Virtual Event - IBM

Shift Left is Only Part of Secure Software Delivery

Avatar photoAnna Belak | April 20, 2022 | SAST, SCA, secure coding, shift left, Snyk, Sysdig
We’re living in the age of accelerated consumption and delivery. You can get a seemingly infinite selection of products delivered to your door within two days, for free, from thousands of miles ...
Show More Loading...

Techstrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows

Upcoming Webinars

Cloud Security Turbocharged: A Wild Ride of Innovation, Threats and Staying Ahead
Friday, September 22, 2023 - 11:00 am EDT
Infosys Zero Cost Mainframe Transformations
Monday, September 25, 2023 - 11:00 am EDT
How PRINCE2 Improves Cybersecurity
Tuesday, September 26, 2023 - 11:00 am EDT

GET THE TOP STORIES OF THE WEEK

Sponsored Content

JFrog’s swampUP 2023: Ready for Next 

September 1, 2023 | Natan Solomon

DevOps World: Time to Bring the Community Together Again

August 8, 2023 | Saskia Sawyerr

PlatformCon 2023: This Year’s Hottest Platform Engineering Event

May 30, 2023 | Karolina Junčytė

The Google Cloud DevOps Awards: Apply Now!

January 10, 2023 | Brenna Washington

Codenotary Extends Dynamic SBOM Reach to Serverless Computing Platforms

December 9, 2022 | Mike Vizard

Latest from DevOps.com

Cisco Acquires Splunk to Create Observability Powerhouse
September 21, 2023 | Mike Vizard
Nobl9 Unfurls Reliability Center for Managing SLOs
September 21, 2023 | Mike Vizard
Harness Launches Open Source Gitness Platform
September 21, 2023 | Mike Vizard
Documentation as Code: A Game Changer for DevOps Teams?
September 21, 2023 | Gilad David Maayan
Innersourcing Open Source Principles in the Enterprise
September 21, 2023 | Bill Doerrfeld

TSTV Podcast

On-Demand Webinars

DevOps.com Webinar ReplaysDevOps.com Webinar Replays

Most Read on DevOps.com

Why Enterprises Should Embrace Data-Driven Software Management
September 15, 2023 | Alex Circei
Should You Measure Developer Productivity?
September 18, 2023 | Bill Doerrfeld
Buildkite Acquires Packagecloud to Streamline DevOps Workflows
September 19, 2023 | Mike Vizard
JFrog swampUP: Addressing the Advent of AI
September 18, 2023 | William Willis
DevOps is Making Gains on Mainframe Platforms
September 15, 2023 | Mike Vizard
  • Home
  • About DevOps.com
  • Meet our Authors
  • Write for DevOps.com
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • Privacy Policy

Powered by Techstrong Group, Inc.

© 2023 ·Techstrong Group, Inc.All rights reserved.