Tag: SAST
JFrog Acquires Vdoo to Advance DevSecOps
Mike Vizard | | application development, binaries, DAST, devsecops, jfrog, SAST, secure software development, VdooJFrog today announced it has agreed to acquire Vdoo for $300 million in cash to gain a set of analytics tools that discover vulnerabilities in application binaries. Vdoo's scanning tools, infused with ...
Continuous Testing Practices – Part 3
In my prior blog, Continuous Testing – The Quest for Quality at Speed, I described five tenets and some of the practices for continuous testing to help with understanding what continuous testing ...
Prevent False Positives From Derailing Shift Left
Walter Capitani | | application testing, SAST, secure software development, security testing, shift leftStatic application security testing (SAST) tools are designed to balance false positives (incorrect warnings) with false negatives (missed vulnerabilities) primarily because deeper analysis requires more time and computing resources. Both of these ...
SAST, DAST, SCA: What’s Best For AppSec Testing?
According to the most recent Verizon Data Breach Investigations Report, almost 90% of data breaches are driven by financial gain, up from 71% in last year's report. Most noteworthy, however, is that ...
GrammaTech Allies with GitLab to Advance DevSecOps
GrammaTech announced today it has partnered with GitLab to integrate its GrammaTech CodeSonar static application security testing (SAST) tools with the GitLab Ultimate DevSecOps platform. Vince Arneja, chief product officer at GrammaTech, ...
What is SAST? Overview + SAST Tools
Static Application Security Testing Overview With the growing number of cybersecurity threats, you must ensure that your software is protected against potential vulnerabilities and threats. One of the most beneficial practices is ...
Shifting Left and Static Code Analysis with Perforce
Perforce Product Manager Stuart Foster, and Evangelist Steve Howard, join Mitch Ashley to discuss the importance of creating security software from the beginning of the development process. We discuss shift left, SAST, ...
Snyk Brings AI to DevSecOps
Snyk today at its SnykCon 2020 conference announced a static application security testing (SAST) dubbed Snyk Code that incorporates an interpretable machine learning semantic code analysis engine the company gained through its ...
Code Security: SAST, Shift-Left, DevSecOps and Beyond
Automation is the key to pushing code security beyond DevSecOps In virtually every industry, developers are dealing with ensuring the safety of their code. Regardless of whether it's enterprise or applications for ...
What Developers Really Think About Pentesting
Matias Madou | | dev teams, developers, devsecops, penetration testing, pentester, pentesting, SAST, static analysis, static analysis scanning toolsA developer in their natural habitat is often spotted in a state of deep concentration, coding awesome features to tight deadlines. Feature-building is often our favorite part of the job, and really, ...
3 DevOps Security Best Practices Your Organization Can’t Afford To Ignore
Alexey Klochay | | CI/CD, DAST, devsecops, Dynamic Application Security Testing, GitLeaks, SAST, secure pipeline, Static Application Security TestingCI/CD pipelines are at the core of daily operations for many businesses today. These processes, when set up correctly, help to keep the delivery process consistent by automating many manual tasks and ...
5 Ways to Detect Application Security Vulnerabilities Sooner to Reduce Costs and Risk
Mike Douglas | | application security, appsec, cost optimization, DAST, open source vulnerabilities, SASTSecurity testing has always been an important step in the application development process. Yet, traditional measures often occur too late in the process to effectively find and fix vulnerabilities before causing costly ...
