Static application security testing (SAST) is the process of examining source code for security defects. SAST is one of many checks in an application security assurance program designed to find and fix security vulnerabilities early in the DevOps process. Integrating SAST into DevOps is critical to building a sustainable program. Automating your SAST tools is an important part of adoption because it drives efficiency, consistency, and early detection.
How to integrate SAST into DevOps
DevOps practitioners looking to integrate SAST into DevOps often have questions and concerns. Are you ready to put the Sec into DevSecOps with automated SAST but not sure how to do it? This session will offer actionable advice to automate security testing that supports DevOps velocity. Join Meera Rao, senior principal consultant at Synopsys, for "Static Analysis Helps DevOps Teams Maintain Velocity Securely" on Oct. 11 at 12–1 p.m. EDT. Here are just a few of the questions she’ll answer:
- How do I manage false positives?
- How do I triage the results?
- What happens to new issues identified?
- How can I use a tool in my DevOps pipeline?
Join us Oct. 11 at 12–1 p.m. EDT.
*** This is a Security Bloggers Network syndicated blog from Software Integrity authored by Synopsys Editorial Team. Read the original post at: https://www.synopsys.com/blogs/software-security/integrate-sast-into-devops-webinar/